svn commit: r1622036 - in /tomcat/trunk: test/org/apache/tomcat/util/http/TestCookies.java webapps/docs/changelog.xml

Tue, 02 Sep 2014 08:40:15 -0700 

Author: markt
Date: Tue Sep  2 15:38:58 2014
New Revision: 1622036

URL: http://svn.apache.org/r1622036
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55921
The new cookie parser correctly handles unescaped JSON in cookie values

Modified:
    tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java?rev=1622036&r1=1622035&r2=1622036&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java Tue Sep  2 
15:38:58 2014
@@ -449,6 +449,19 @@ public class TestCookies {
         test(true, "$Version=1; foo=b\210r");
     }
 
+    @Test
+    public void testJsonInV0() {
+        // Bug 55921
+        test(true, "{\"a\":true, \"b\":false};a=b", A);
+    }
+
+    @Test
+    public void testJsonInV1() {
+        // Bug 55921
+        A.setVersion(1);
+        test(true, "$Version=1;{\"a\":true, \"b\":false};a=b", A);
+    }
+
     private void test(boolean useRfc6265, String header, Cookie... expected) {
         MimeHeaders mimeHeaders = new MimeHeaders();
         Cookies cookies = new Cookies(mimeHeaders);

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1622036&r1=1622035&r2=1622036&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Sep  2 15:38:58 2014
@@ -59,6 +59,11 @@
         enabled to correctly handle these cookies. (markt)
       </fix>
       <fix>
+        <bug>55921</bug>: Correctly handle (ignore the cookie) unescaped JSON 
in
+        a cookie value. The new RFC6265 based cookie parser must be enabled to
+        correctly handle these cookies. (markt)
+      </fix>
+      <fix>
         <bug>56900</bug>: Fix some potential resource leaks when reading
         property files reported by Coverity Scan. Based on patches provided by
         Felix Schumacher. (markt)



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to