[jboss-jira] [JBoss JIRA] (WFLY-3050) '=' character removed from request cookie
Stuart Douglas (JIRA)
issues at jboss.org
Tue Apr 8 18:26:13 EDT 2014
[ https://issues.jboss.org/browse/WFLY-3050?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stuart Douglas resolved WFLY-3050.
----------------------------------
Fix Version/s: 8.0.1.Final
Resolution: Done
This can now be controlled via the allow-equals-in-cookie-value connector option in standalone.xml
> '=' character removed from request cookie
> ------------------------------------------
>
> Key: WFLY-3050
> URL: https://issues.jboss.org/browse/WFLY-3050
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Affects Versions: 8.0.0.Final
> Environment: windows 7
> Reporter: roy mizrachi
> Assignee: Stuart Douglas
> Fix For: 8.0.1.Final
>
>
> I'm saving encrypted user token in session cookie:
> Cookie: JCORESESSIONID=aes256$/tew4VVsfdJ32iUX1AOqBGRb717TJC9KkejjAPl6BIAG6kCP4beSraL51eQG2iu5bV9uT3OsubXUcjO+sG2lYNWbu5NliQd361oUz2Yl4LQ=
> The problem is that in the server i see that the '=' character is removed hence i cannot decrypt it.
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list