This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new c53351e297 Remove unnecessary check in addCookie() Add missing check
in encodeURL()
c53351e297 is described below
commit c53351e2971bee01d280528d5e94b8d020c3c9c9
Author: Mark Thomas <[email protected]>
AuthorDate: Mon Jun 22 16:55:04 2026 +0100
Remove unnecessary check in addCookie() Add missing check in encodeURL()
---
java/org/apache/catalina/connector/Response.java | 43 +++++++++++++-----------
1 file changed, 23 insertions(+), 20 deletions(-)
diff --git a/java/org/apache/catalina/connector/Response.java
b/java/org/apache/catalina/connector/Response.java
index 69d76babba..9fb43e8291 100644
--- a/java/org/apache/catalina/connector/Response.java
+++ b/java/org/apache/catalina/connector/Response.java
@@ -908,16 +908,13 @@ public class Response implements HttpServletResponse {
cookies.add(cookie);
+ // Note: This also ensures context is not null
String header = generateCookieString(cookie);
if (header == null) {
return;
}
- Context context = getContext();
- if (context == null) {
- return;
- }
// if we reached here, no exception, cookie is valid
- addHeader("Set-Cookie", header,
context.getCookieProcessor().getCharset());
+ addHeader("Set-Cookie", header,
getContext().getCookieProcessor().getCharset());
}
/**
@@ -962,13 +959,18 @@ public class Response implements HttpServletResponse {
* @return The cookie header string
*/
public String generateCookieString(final Cookie cookie) {
- // Web application code can receive a IllegalArgumentException
- // from the generateHeader() invocation
- if (SecurityUtil.isPackageProtectionEnabled()) {
- return AccessController
- .doPrivileged(new
PrivilegedGenerateCookieString(getContext(), cookie, request.getRequest()));
+ final Context context = getContext();
+ if (context != null) {
+ // Web application code can receive a IllegalArgumentException
+ // from the generateHeader() invocation
+ if (SecurityUtil.isPackageProtectionEnabled()) {
+ return AccessController
+ .doPrivileged(new
PrivilegedGenerateCookieString(context, cookie, request.getRequest()));
+ } else {
+ return context.getCookieProcessor().generateHeader(cookie,
request.getRequest());
+ }
} else {
- return getContext().getCookieProcessor().generateHeader(cookie,
request.getRequest());
+ return null;
}
}
@@ -1121,17 +1123,18 @@ public class Response implements HttpServletResponse {
}
if (isEncodeable(absolute)) {
- // W3c spec clearly said
- if (url.equalsIgnoreCase("")) {
- url = absolute;
- } else if (url.equals(absolute) && !hasPath(url)) {
- url += '/';
+ Session session = request.getSessionInternal();
+ if (session != null) {
+ // W3c spec clearly said
+ if (url.equalsIgnoreCase("")) {
+ url = absolute;
+ } else if (url.equals(absolute) && !hasPath(url)) {
+ url += '/';
+ }
+ return toEncoded(url, session.getIdInternal());
}
- return toEncoded(url,
request.getSessionInternal().getIdInternal());
- } else {
- return url;
}
-
+ return url;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
