[seam-issues] [JBoss JIRA] Commented: (JBSEAM-4503) <s:token> - cookie identifying the browser (javax.faces.ClientToken) might contain illegal characters

bb bb (JIRA) jira-events at lists.jboss.org
Fri Nov 26 06:34:30 EST 2010

    [ https://jira.jboss.org/browse/JBSEAM-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12565561#comment-12565561 ] 

bb bb commented on JBSEAM-4503:

I have a same problem. The javax.faces.ClientToken cookie contains illegal characters. Example: "/\"c{>`I?e,6.8oc#SPybp3}E1EK[u<?i.

It causes that the s:token is unusable when you interact with cookies, because ((HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest()).getCookies(); invocation return wrong cookie list.


Just use: new String(Hex.encodeHex(encodeableValue.getBytes("UTF-8"))); and  new String(Hex.decodeHex(decodeableValue.toCharArray())) with s:token.


> <s:token> - cookie identifying the browser (javax.faces.ClientToken) might contain illegal characters
> -----------------------------------------------------------------------------------------------------
>                 Key: JBSEAM-4503
>                 URL: https://jira.jboss.org/browse/JBSEAM-4503
>             Project: Seam
>          Issue Type: Bug
>          Components: JSF Controls
>    Affects Versions: 2.2.0.GA
>            Reporter: dragos cernahoschi
> The cookie that uniquely identifies the browser is randomly generated and contains illegal characters, for example: semicolon (;)
> This cause org.jboss.seam.ui.UnauthorizedCommandException: viewId: /restricted/desktop.xhtml - Form signature invalid

This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list