(tomcat) branch main updated: Remove unnecessary check in addCookie() Add missing check in encodeURL()

Mon, 22 Jun 2026 08:55:31 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt-asf pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 3108c5f7f1 Remove unnecessary check in addCookie() Add missing check 
in encodeURL()
3108c5f7f1 is described below

commit 3108c5f7f1308cedc847378c5d92a0e4f4451ef1
Author: Mark Thomas <[email protected]>
AuthorDate: Mon Jun 22 16:55:04 2026 +0100

    Remove unnecessary check in addCookie() Add missing check in encodeURL()
---
 java/org/apache/catalina/connector/Response.java | 26 +++++++++++-------------
 1 file changed, 12 insertions(+), 14 deletions(-)

diff --git a/java/org/apache/catalina/connector/Response.java 
b/java/org/apache/catalina/connector/Response.java
index f7f3299425..e9b06208fc 100644
--- a/java/org/apache/catalina/connector/Response.java
+++ b/java/org/apache/catalina/connector/Response.java
@@ -900,16 +900,13 @@ public class Response implements HttpServletResponse {
             return;
         }
 
+        // Note: This also ensures context is not null
         String header = generateCookieString(cookie);
         if (header == null) {
             return;
         }
-        Context context = getContext();
-        if (context == null) {
-            return;
-        }
         // if we reached here, no exception, cookie is valid
-        addHeader("Set-Cookie", header, 
context.getCookieProcessor().getCharset());
+        addHeader("Set-Cookie", header, 
getContext().getCookieProcessor().getCharset());
     }
 
     /**
@@ -1113,17 +1110,18 @@ public class Response implements HttpServletResponse {
         }
 
         if (isEncodeable(absolute)) {
-            // W3c spec clearly said
-            if (url.equalsIgnoreCase("")) {
-                url = absolute;
-            } else if (url.equals(absolute) && !hasPath(url)) {
-                url += '/';
+            Session session = request.getSessionInternal();
+            if (session != null) {
+                // W3c spec clearly said
+                if (url.equalsIgnoreCase("")) {
+                    url = absolute;
+                } else if (url.equals(absolute) && !hasPath(url)) {
+                    url += '/';
+                }
+                return toEncoded(url, session.getIdInternal());
             }
-            return toEncoded(url, 
request.getSessionInternal().getIdInternal());
-        } else {
-            return url;
         }
-
+        return url;
     }
 
 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to