[tomcat] branch main updated: Use a valid date format for the expires attribute of a cookie

Wed, 12 Oct 2022 11:28:27 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new ee131cd0d9 Use a valid date format for the expires attribute of a 
cookie
ee131cd0d9 is described below

commit ee131cd0d9278c6cdc77191643d9b1ae1d8fac22
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Oct 12 19:28:03 2022 +0100

    Use a valid date format for the expires attribute of a cookie
    
    Note: The format used prior to this change is not listed as a valid
    format in any of the relevant specifications.
---
 java/org/apache/tomcat/util/http/CookieProcessorBase.java        | 2 +-
 .../apache/tomcat/util/http/TestCookieProcessorGeneration.java   | 2 +-
 webapps/docs/changelog.xml                                       | 9 +++++++++
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/CookieProcessorBase.java 
b/java/org/apache/tomcat/util/http/CookieProcessorBase.java
index 47fbe58f69..5c3b08bfd9 100644
--- a/java/org/apache/tomcat/util/http/CookieProcessorBase.java
+++ b/java/org/apache/tomcat/util/http/CookieProcessorBase.java
@@ -24,7 +24,7 @@ import java.util.TimeZone;
 
 public abstract class CookieProcessorBase implements CookieProcessor {
 
-    private static final String COOKIE_DATE_PATTERN = "EEE, dd-MMM-yyyy 
HH:mm:ss z";
+    private static final String COOKIE_DATE_PATTERN = "EEE, dd MMM yyyy 
HH:mm:ss z";
 
     protected static final ThreadLocal<DateFormat> COOKIE_DATE_FORMAT =
             ThreadLocal.withInitial(() -> {
diff --git 
a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java 
b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
index 3ec05ae3a2..b74a851a16 100644
--- a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
+++ b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
@@ -102,7 +102,7 @@ public class TestCookieProcessorGeneration {
 
     @Test
     public void testMaxAgeZero() {
-        doTestMaxAge(0, "foo=bar; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 
GMT");
+        doTestMaxAge(0, "foo=bar; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 
GMT");
     }
 
     @Test
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 3fa3fe7901..1b73b65c60 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,15 @@
       </scode>
     </changelog>
   </subsection>
+  <subsection name="Coyote">
+    <changelog>
+      <fix>
+        Correct the date format used with the expires attribute of HTTP 
cookies.
+        A single space rather than a single dash should be used to separate the
+        day, month and year components to be compliant with RFC 6265. (markt)
+      </fix>
+    </changelog>
+  </subsection>
   <subsection name="Other">
     <changelog>
       <update>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to