svn commit: r881500 - /tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java

Tue, 17 Nov 2009 12:49:29 -0800 

Author: markt
Date: Tue Nov 17 20:49:04 2009
New Revision: 881500

URL: http://svn.apache.org/viewvc?rev=881500&view=rev
Log:
Better handle edge cases when allowing = in cookie value

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java?rev=881500&r1=881499&r2=881500&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java Tue Nov 17 
20:49:04 2009
@@ -323,7 +323,8 @@
                     if (version == 0 &&
                                 !CookieSupport.isV0Separator((char)bytes[pos]) 
&&
                                 CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0 ||
-                            !CookieSupport.isHttpSeparator((char)bytes[pos])) {
+                            !CookieSupport.isHttpSeparator((char)bytes[pos]) ||
+                            bytes[pos] == '=' && 
CookieSupport.ALLOW_EQUALS_IN_VALUE) {
                         // Token
                         valueStart=pos;
                         // getToken returns the position at the delimeter



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to