https://issues.apache.org/bugzilla/show_bug.cgi?id=46403




--- Comment #3 from Mark Thomas <ma...@apache.org>  2008-12-23 05:19:48 PST ---
For completeness, the cookie parsing changes were required to correct various
security vulnerabilities.

I really don't like the idea of adding work arounds to Tomcat for bugs in other
software but I don't see a choice here.

I have applied a variation of your patch to trunk and proposed it for 6.0.x.
The variation is making the addition of the expires header optional.

There are occassional ASF/MS get togethers where issues like this can be raised
(and hopefully fixed). I have a list of things to raise at the next one and
I've added this to it. As far as I am aware there are no dates set for the next
get together so don't expect an IE fix any time soon.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to