https://issues.apache.org/bugzilla/show_bug.cgi?id=48322
Summary: Reading a cookie with an apostrophe in the value is
truncated in Tomcat 6.0.20 and 6.0.18
Product: Tomcat 6
Version: 6.0.20
Platform: PC
OS/Version: Linux
Status: NEW
Severity: regression
Priority: P2
Component: Catalina
AssignedTo: [email protected]
ReportedBy: [email protected]
Created an attachment (id=24654)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24654)
Simple JSP that reproduces the issue
If you set a cookie in a JSP that has an apostrophe in the value, reading that
cookie in subsequent loads truncates at the apostrophe.
Reading the cookie fails even if the cookie was set client side or was
pre-existing.
I've attached a very simple testcase.jsp page
Visit the page more than once.
What you see in 6.0.14:
Server side cookie value [test'ing]
What you see in 6.0.18 and 6.0.20:
Server side cookie value [test]
In all three tested tomcat versions, if you view your cookies in your browser,
you'll correctly see it has been set to "test'ing"
Likewise if you inspect the HTTP headers being returned you correctly see:
Set-Cookie: testcookie=test'ing
Something changed after 6.0.14 that causes cookies with apostrophes when read
server side to be truncated.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
