[seam-issues] [JBoss JIRA] Issue Comment Edited: (JBSEAM-4503) <s:token> - cookie identifying the browser (javax.faces.ClientToken) might contain illegal characters

bb bb (JIRA) jira-events at lists.jboss.org
Fri Nov 26 06:36:30 EST 2010 

    [ https://jira.jboss.org/browse/JBSEAM-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12565561#comment-12565561 ] 

bb bb edited comment on JBSEAM-4503 at 11/26/10 6:34 AM:
---------------------------------------------------------

I have a same problem. The javax.faces.ClientToken cookie contains illegal characters. Example: "/\"c{>`I?e,6.8oc#SPybp3}E1EK[u<?i.

It causes that the s:token is unusable when you interact with cookies, because ((HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest()).getCookies(); invocation return wrong cookie list.


Solution:

Just rewrite the s:token implementation with this: new String(Hex.encodeHex(encodeableValue.getBytes("UTF-8"))); and  new String(Hex.decodeHex(decodeableValue.toCharArray())) , because there is a BASE64 encoding problem under JBoss.

Thankx.

      was (Author: babazs):
    I have a same problem. The javax.faces.ClientToken cookie contains illegal characters. Example: "/\"c{>`I?e,6.8oc#SPybp3}E1EK[u<?i.

It causes that the s:token is unusable when you interact with cookies, because ((HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest()).getCookies(); invocation return wrong cookie list.


Solution:

Just rewrite the s:token implementation with this: new String(Hex.encodeHex(encodeableValue.getBytes("UTF-8"))); and  new String(Hex.decodeHex(decodeableValue.toCharArray())) 

Thankx.
  
> <s:token> - cookie identifying the browser (javax.faces.ClientToken) might contain illegal characters
> -----------------------------------------------------------------------------------------------------
>
>                 Key: JBSEAM-4503
>                 URL: https://jira.jboss.org/browse/JBSEAM-4503
>             Project: Seam
>          Issue Type: Bug
>          Components: JSF Controls
>    Affects Versions: 2.2.0.GA
>            Reporter: dragos cernahoschi
>
> The cookie that uniquely identifies the browser is randomly generated and contains illegal characters, for example: semicolon (;)
> This cause org.jboss.seam.ui.UnauthorizedCommandException: viewId: /restricted/desktop.xhtml - Form signature invalid

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list