svn commit: r1723552 - in /tomcat/trunk: java/org/apache/tomcat/util/http/LegacyCookieProcessor.java webapps/docs/config/cookie-processor.xml

Thu, 07 Jan 2016 06:17:53 -0800 

Author: markt
Date: Thu Jan  7 14:16:28 2016
New Revision: 1723552

URL: http://svn.apache.org/viewvc?rev=1723552&view=rev
Log:
Refactor the legacy cookie processor so the cookie header is always preserved.

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
    tomcat/trunk/webapps/docs/config/cookie-processor.xml

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java?rev=1723552&r1=1723551&r2=1723552&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java 
Thu Jan  7 14:16:28 2016
@@ -93,8 +93,6 @@ public final class LegacyCookieProcessor
 
     private boolean allowHttpSepsInV0 = false;
 
-    private boolean preserveCookieHeader = STRICT_SERVLET_COMPLIANCE;
-
     private boolean alwaysAddExpires = !STRICT_SERVLET_COMPLIANCE;
 
     private final BitSet httpSeparatorFlags = new BitSet(128);
@@ -188,13 +186,28 @@ public final class LegacyCookieProcessor
     }
 
 
+    /**
+     * @return Always returns true
+     *
+     * @deprecated No longer used. Cookie headers are now always preserved. 
Will
+     *             be removed in Tomcat 9.0.x.
+     */
+    @Deprecated
     public boolean getPreserveCookieHeader() {
-        return preserveCookieHeader;
+        return true;
     }
 
 
+    /**
+     * NO-OP.
+     *
+     * @param preserveCookieHeader Ignored
+     *
+     * @deprecated No longer used. Cookie headers are now always preserved. 
Will
+     *             be removed in Tomcat 9.0.x.
+     */
+    @Deprecated
     public void setPreserveCookieHeader(boolean preserveCookieHeader) {
-        this.preserveCookieHeader = preserveCookieHeader;
     }
 
 
@@ -256,17 +269,7 @@ public final class LegacyCookieProcessor
                     log.debug("Cookies: Parsing b[]: " + 
cookieValue.toString());
                 }
                 ByteChunk bc = cookieValue.getByteChunk();
-                if (getPreserveCookieHeader()) {
-                    int len = bc.getLength();
-                    if (len > 0) {
-                        byte[] buf = new byte[len];
-                        System.arraycopy(bc.getBytes(), bc.getOffset(), buf, 
0, len);
-                        processCookieHeader(buf, 0, len, serverCookies);
-                    }
-                } else {
-                    processCookieHeader(bc.getBytes(), bc.getOffset(), 
bc.getLength(),
-                            serverCookies);
-                }
+                processCookieHeader(bc.getBytes(), bc.getOffset(), 
bc.getLength(), serverCookies);
             }
 
             // search from the next position
@@ -824,19 +827,25 @@ public final class LegacyCookieProcessor
             return;
         }
 
-        int src = bc.getStart();
-        int end = bc.getEnd();
-        int dest = src;
-        byte[] buffer = bc.getBuffer();
+        // Take a copy of the buffer so the original cookie header is not
+        // modified by this unescaping.
+        byte[] original = bc.getBuffer();
+        int len = bc.getLength();
+
+        byte[] copy = new byte[len];
+        System.arraycopy(original, bc.getStart(), copy, 0, len);
+
+        int src = 0;
+        int dest = 0;
 
-        while (src < end) {
-            if (buffer[src] == '\\' && src < end && buffer[src+1]  == '"') {
+        while (src < len) {
+            if (copy[src] == '\\' && src < len && copy[src+1]  == '"') {
                 src++;
             }
-            buffer[dest] = buffer[src];
+            copy[dest] = copy[src];
             dest ++;
             src ++;
         }
-        bc.setEnd(dest);
+        bc.setBytes(copy, 0, dest);
     }
 }

Modified: tomcat/trunk/webapps/docs/config/cookie-processor.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/cookie-processor.xml?rev=1723552&r1=1723551&r2=1723552&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/cookie-processor.xml (original)
+++ tomcat/trunk/webapps/docs/config/cookie-processor.xml Thu Jan  7 14:16:28 
2016
@@ -155,13 +155,9 @@
       </attribute>
 
       <attribute name="preserveCookieHeader" required="false">
-        <p>If this is <code>true</code> Tomcat will ensure that cookie
-        processing does not modify cookie header returned by
-        <code>HttpServletRequest.getHeader()</code>. If
-        <code>org.apache.catalina.STRICT_SERVLET_COMPLIANCE</code> is set to
-        <code>true</code>, the default of this setting will be
-        <code>true</code>, else the default value will be <code>false</code>.
-        </p>
+        <p>This attribute is no longer used. From Tomcat 8.0.31, Tomcat will
+        always preserve the cookie header returned by
+        <code>HttpServletRequest.getHeader()</code>.</p>
       </attribute>
 
     </attributes>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to