On Feb 10, 2008, at 2:42 PM, Filip Hanik - Dev Lists wrote:
Remy Maucherat wrote:
On Sun, 2008-02-10 at 11:17 -0700, Filip Hanik - Dev Lists wrote:
Remy Maucherat wrote:
On Sun, 2008-02-10 at 11:44 -0500, Jim Manico wrote:
Filip - you are 100% correct on this thread. Are you basically
the traffic cop guarding the core of Tomcat?
I understand, you are not impacted by the behavior change, and as a
result this allows you to be "fair", I suppose. The issue is
that the
behavior of Tomcat has been different, in all prior releases, and
changing it of all a sudden without any configuration capability
because
it feels nice to play "spec lawyer" is wrong to me. Similar
decisions
have been made in the past, and this did cause problems, it's
simply
faster to add the appropriate options right away.
what about my suggestion, to add a flag to default to v1 cookies.
they get quoted and old behavior will continue to work.
This is the sort of configuration option which seems appropriate.
essentially, browsers treated our previous v0 cookies as v1 when we
quoted them.
question, obviously it would be easiest for us to put the global
flag in the javax.servlet.http.Cookie class directly
-private int version = 0; // ;Version=1 ... means RFC 2109++ style
+private int version = Integer.parseInt(System.getProperty
("org.apache.catalina.cookie.version","1")); // ;Version=1 ...
means RFC 2109++ style
Would this be ok, given its a spec class? or do we have to leave
this class untouched and modify it elsewhere, in which case it'd be
more of a hack.
I would hope that you would put this behavior in a non javax class
since it's possible that tomcat may be used with other peoples
servlet spec jars. I think consistent behavior independent of which
spec jar you happen to pick would be desirable.
thanks
david jencks
Filip
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
