[jboss-jira] [JBoss JIRA] Commented: (AS7-1625) Cookies version 0 value rejected by org.apache.tomcat.util.http.Cookies
Ondrej Zizka (JIRA)
jira-events at lists.jboss.org
Mon Aug 22 18:02:18 EDT 2011
[ https://issues.jboss.org/browse/AS7-1625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12622579#comment-12622579 ]
Ondrej Zizka commented on AS7-1625:
-----------------------------------
Just to add - it may not be a bug depending on how tolerant we want to be to what browsers send as `Cookie:`.
> Cookies version 0 value rejected by org.apache.tomcat.util.http.Cookies
> -----------------------------------------------------------------------
>
> Key: AS7-1625
> URL: https://issues.jboss.org/browse/AS7-1625
> Project: Application Server 7
> Issue Type: Bug
> Components: Web
> Affects Versions: 7.0.1.Final
> Environment: standalone
> Reporter: Ondrej Zizka
> Assignee: Remy Maucherat
>
> I have a cookie in browser which was set for redhat.com, so my AS 7 on ozizka.brq.redhat.com is receiving it to.
> Now that "version 0" cookie contains characters illegal acc. to RFC-2109 and RFC-2068:
> {code}
> Cookie: s_vi=[CS]v1|261............[CE]; ...
> {code}
> AS 7 logs:
> {code}
> 22:18:13,365 INFO [org.apache.tomcat.util.http.Cookies] (http--0.0.0.0-8080-2) Cookies: Invalid cookie. Value not a token or quoted value
> {code}
> I haven't checked whether only the single value is discarded or all cookies.
> Possibly related: JBPAPP-5813
> Some related links:
> Discussion http://old.nabble.com/DO-NOT-REPLY--Bug-49525--New%3A-IE8%3A-Unabled-to-store-data-in-HttpSession-%28root-context%29-td29030364.html
> and bug https://issues.apache.org/bugzilla/show_bug.cgi?id=49525
> about Tomcat 7's bug.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list