[undertow-dev] HttpServletRequestImpl.getCookies() fails when a single cookie is invalid
Piotr Betkier
pbetkier at gmail.com
Wed Apr 15 17:03:13 EDT 2015
Hello,
I have a suggestion on improving the mechanism for providing cookies in
io.undertow.servlet.spec.HttpServletRequestImpl using getCookies() method.
Often not all of the cookies sent by the user are under the control of the
application accessing them. It may happen that one of the cookies is not a
valid cookie as being validated in javax.servlet.http.Cookie constructor.
Currently, in case of an invalid cookie among the cookies received in a
request, getCookies() method would propagate the IllegalArgumentException
thrown from Cookie constructor when instantiating a cookie with invalid
name, preventing the user from accessing the rest of the cookies which were
valid.
My proposition is to ignore invalid cookies in getCookies() method, just
logging such incident, instead of failing on them and returning all the
valid cookies to the method caller.
What do you think about this? If you agree then I'll be happy to provide a
pull-request for that.
Cheers,
Piotr Betkier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/undertow-dev/attachments/20150415/2c108851/attachment.html
More information about the undertow-dev
mailing list