[jboss-jira] [JBoss JIRA] (JBWEB-266) Cookie Processing of JSON Cookie destroys Cookie Header

Manuel Coenen (JIRA) jira-events at lists.jboss.org
Fri Mar 8 12:11:46 EST 2013


    [ https://issues.jboss.org/browse/JBWEB-266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12759835#comment-12759835 ] 

Manuel Coenen edited comment on JBWEB-266 at 3/8/13 12:11 PM:
--------------------------------------------------------------

It is also very complex trying to restore data that has been destroyed by a lower layer. And actually it is not even possible to revert the changes 100%. There are some cases in which it is impossible to determine the original value - admittedly primarily invalid cookies. Still, it requires about 200 lines of code to reconstruct the original header, as simply reconstructing it from the processed cookies also does not work, because the default setting in JBossWeb for {{ALLOW_EQUALS_IN_VALUE}} and {{ALLOW_HTTP_SEPARATORS_IN_V0}} is {{false}}, which also drops some parts of the cookie value. Because of this we would have to change the server settings on every JBoss instance we have (and we have a lot).

In the end I still think that modifying a shared buffer without notifying the other "share-holders" is an error.

EDIT: I did not reload the page before answering and have only just seen that you have already added a flag to preserve the header. ;-)
                
      was (Author: mschaeidt):
    It is also very complex trying to restore data that has been destroyed by a lower layer. And actually it is not even possible to revert the changes 100%. There are some cases in which it is impossible to determine the original value - admittedly primarily invalid cookies. Still, it requires about 200 lines of code to reconstruct the original header, as simply reconstructing it from the processed cookies also does not work, because the default setting in JBossWeb for {{ALLOW_EQUALS_IN_VALUE}} and {{ALLOW_HTTP_SEPARATORS_IN_V0}} is {{false}}, which also drops some parts of the cookie value. Because of this we would have to change the server settings on every JBoss instance we have (and we have a lot).

In the end I still think that modifying a shared buffer without notifying the other "share-holders" is an error.
                  
> Cookie Processing of JSON Cookie destroys Cookie Header
> -------------------------------------------------------
>
>                 Key: JBWEB-266
>                 URL: https://issues.jboss.org/browse/JBWEB-266
>             Project: JBoss Web
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Tomcat
>    Affects Versions: JBossWeb-7.0.1.GA 
>         Environment: Windows 7 x64 and RHEL/CentOS 5.x, Java 1.7.0_11, JBoss AS 7.0.2 Final
>            Reporter: Manuel Coenen
>            Assignee: Remy Maucherat
>
> When sending a cookie with JSON content to JBoss the automatic cookie processing (triggered by looking for a session cookie) modifies the {{byte[]}} buffer which is also used for the HTTP headers.
> This is due to multiple objects depending on the same {{byte[]}} buffer instance. The following hierarchy should demonstrate this dependency:
> {noformat}
> Http11Processor.request (Request)
> └> cookies (Cookies)
> |  └> scookies[] (ServerCookie)
> |     └> scookies[x] (where x is the index referencing the JSON cookie)
> |        └> value (MessageByte)
> |           └>byteC (ByteChunk)
> |             \
> |              |-> buff (byte[])
> |             /
> |          ┌> byteC (ByteChunk)
> |       ┌> valueB (MessageByte)
> |    ┌> headers[y] (where y is the index referencing the JSON cookie header)
> |  ┌> headers[] (MimeHeaderField)
> └> headers (MimeHeader)
> {noformat}
> The method {{Cookies.unescapeDoubleQuotes(ByteChunk)}} modifies this buffer by overwriting its contents when removing the escaped double-quotes. This in turn destroys the reference for the header, as it will still maintain the {{start}} and {{end}} reference inside this buffer. If the value for this header is read later, it will be the unescaped content trailed by the surplus escaped region (see reproduction instructions for a more detailed example).
> In my opinion the method {{Cookies.unescapeDoubleQuotes(ByteChunk)}} should copy the {{byte[]}} first to avoid side effects on other parts referencing this {{byte[]}}, as it could be (and is in our case) that the headers (including cookie) need to be forwarded unmodified to another server.
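
The aliasing problem described in the issue, as an added example that is not part of the original report and is not JBoss Web code. `Chunk` is a hypothetical stand-in for a `ByteChunk`-style window, and the cookie name `prefs` and its value are constructed sample data.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class SharedBufferDemo {
    /** Hypothetical stand-in for a ByteChunk: a window onto a byte[] it does not own. */
    static final class Chunk {
        byte[] buff; int start; int end;
        Chunk(byte[] buff, int start, int end) { this.buff = buff; this.start = start; this.end = end; }
        @Override public String toString() {
            return new String(buff, start, end - start, StandardCharsets.ISO_8859_1);
        }
    }

    /** Drops the backslash before each double quote, compacting inside the chunk's own buffer. */
    static void unescapeInPlace(Chunk c) {
        int dest = c.start;
        for (int src = c.start; src < c.end; src++) {
            if (c.buff[src] == '\\' && src + 1 < c.end && c.buff[src + 1] == '"') {
                src++; // skip the backslash, keep the quote
            }
            c.buff[dest++] = c.buff[src];
        }
        c.end = dest; // only this chunk learns about the new length
    }

    /** Same transformation, but the chunk is detached from the shared array first. */
    static void unescapeOnCopy(Chunk c) {
        c.buff = Arrays.copyOfRange(c.buff, c.start, c.end);
        c.end -= c.start;
        c.start = 0;
        unescapeInPlace(c);
    }

    public static void main(String[] args) {
        String raw = "prefs=\"{\\\"a\\\":1}\""; // constructed header value: prefs="{\"a\":1}"
        for (boolean copyFirst : new boolean[] {false, true}) {
            byte[] shared = raw.getBytes(StandardCharsets.ISO_8859_1);
            Chunk header = new Chunk(shared, 0, shared.length);
            // Cookie value window: the bytes between the outer quotes, same array as the header.
            Chunk cookie = new Chunk(shared, raw.indexOf('"') + 1, shared.length - 1);
            if (copyFirst) unescapeOnCopy(cookie); else unescapeInPlace(cookie);
            System.out.println((copyFirst ? "copy-first" : "in-place  ")
                + " cookie=" + cookie + " header=" + header
                + " headerIntact=" + header.toString().equals(raw));
        }
    }
}
```

In the in-place run the header window keeps its original `start` and `end`, so it reads the compacted value followed by the leftover bytes of the escaped form; in the copy-first run the header is byte-for-byte what was received and can be forwarded unmodified.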
