Author: markt Date: Tue Sep 30 07:47:58 2014 New Revision: 1628367 URL: http://svn.apache.org/r1628367 Log: Restore throwing of IAE for control characters in cookie header removed in r1628366
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java?rev=1628367&r1=1628366&r2=1628367&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java Tue Sep 30 07:47:58 2014
@@ -204,7 +204,7 @@ public final class LegacyCookieProcessor
 // Skip whitespace and non-token characters (separators)
 while (pos < end &&
- (httpSeparatorFlags[(char) bytes[pos]] &&
+ (isHttpSeparator((char) bytes[pos]) &&
 !getAllowHttpSepsInV0() ||
 CookieSupport.isV0Separator((char) bytes[pos]) ||
 isWhiteSpace(bytes[pos])))
@@ -273,7 +273,7 @@ public final class LegacyCookieProcessor
 if (version == 0 &&
 !CookieSupport.isV0Separator((char)bytes[pos]) &&
 getAllowHttpSepsInV0() ||
- !httpSeparatorFlags[(char)bytes[pos]] ||
+ !isHttpSeparator((char)bytes[pos]) ||
 bytes[pos] == '=') {
 // Token
 valueStart = pos;
@@ -440,7 +440,7 @@ public final class LegacyCookieProcessor
 int version, boolean isName){
 int pos = off;
 while (pos < end &&
- (!httpSeparatorFlags[(char)bytes[pos]] ||
+ (!isHttpSeparator((char)bytes[pos]) ||
 version == 0 && getAllowHttpSepsInV0() && bytes[pos] != '=' &&
 !CookieSupport.isV0Separator((char)bytes[pos]) ||
 !isName && bytes[pos] == '=' && getAllowEqualsInValue())) {
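Review bot: In the hunk at -273 the control-character check only runs if evaluation reaches `!isHttpSeparator((char)bytes[pos])`; when `version == 0`, `getAllowHttpSepsInV0()` is true and `CookieSupport.isV0Separator` returns false, the first disjunct already succeeds and the new helper is never called. Whether a control character is still rejected on that path then depends on `CookieSupport.isV0Separator` doing its own validation, which is not visible in this diff. If the rejection is meant to be unconditional, validate the byte in a separate statement before the condition rather than relying on the order of the `||` operands, or, if the V0 helper does validate, record that with a comment such as `// isV0Separator() also rejects control characters`. The hunks at -204 and -440 evaluate isHttpSeparator first and are not affected; all three conditions start or end outside their hunks.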
@@ -454,6 +454,17 @@ public final class LegacyCookieProcessor
 }
+ private boolean isHttpSeparator(final char c) {
+ if (c < 0x20 || c >= 0x7f) {
+ if (c != 0x09) {
+ throw new IllegalArgumentException(
+ "Control character in cookie value or attribute.");
+ }
+ }
+
+ return httpSeparatorFlags[c];
+ }
+
 /**
 * Given a starting position after an initial quote character, this gets
 * the position of the end quote. This escapes anything after a '\' char
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
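Review bot: isHttpSeparator reads as a pure predicate but throws, and it has no Javadoc saying so; I would add one with `@throws IllegalArgumentException if c is a control character other than TAB, is DEL, or lies outside US-ASCII`. Every call site passes `(char) bytes[pos]`, so a byte of 0x80 or above is sign-extended to a char of 0xFF80 or above and is rejected by the `c >= 0x7f` branch, which is also what keeps the index in `httpSeparatorFlags[c]` within 0x00-0x7e; the array's size is not visible here, so the Javadoc should state that dependency once it is confirmed. The message says "cookie value or attribute", yet the helper is also reached for non-ASCII bytes and, through the `isName` path in the -440 hunk, for cookie names, so a wording such as `"Control or non-ASCII character in cookie header."` would describe the rejection more accurately. Because the exception is triggered by request-supplied bytes, confirm that the code parsing the Cookie header handles it deliberately; that caller is outside this diff.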