Author: markt
Date: Fri Oct 10 14:28:59 2014
New Revision: 1630911
URL: http://svn.apache.org/r1630911
Log:
Allow Set-Cookie headers to use UTF-8
Added:
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Response.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/connector/Response.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Response.java?rev=1630911&r1=1630910&r2=1630911&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/Response.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Response.java Fri Oct 10
14:28:59 2014
@@ -909,7 +909,7 @@ public class Response
// the header name is Set-Cookie for both "old" and v.1 ( RFC2109 )
// RFC2965 is not supported by browsers and the Servlet spec
// asks for 2109.
- addHeader("Set-Cookie", header);
+ addHeader("Set-Cookie", header,
getContext().getCookieProcessor().getCharset());
}
/**
Added:
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java?rev=1630911&view=auto
==============================================================================
---
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java
(added)
+++
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java
Fri Oct 10 14:28:59 2014
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.http;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.tomcat.util.buf.ByteChunk;
+
+public class TestCookieProcessorGenerationHttp extends TomcatBaseTest {
+
+ @Test
+ public void testUtf8CookieValue() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+ // Must have a real docBase - just use temp
+ Context ctx = tomcat.addContext("",
System.getProperty("java.io.tmpdir"));
+ ctx.setCookieProcessor(new Rfc6265CookieProcessor());
+ Tomcat.addServlet(ctx, "test", new CookieServlet("\u0120"));
+ ctx.addServletMapping("/test", "test");
+ tomcat.start();
+
+ Map<String,List<String>> headers = new HashMap<>();
+ ByteChunk res = new ByteChunk();
+ getUrl("http://localhost:"; + getPort() + "/test", res, headers);
+ List<String> cookieHeaders = headers.get("Set-Cookie");
+ Assert.assertEquals("There should only be one Set-Cookie header in
this test",
+ 1, cookieHeaders.size());
+ // Client is assuming header is ISO-8859-1 encoding which it isn't.
Turn
+ // the header value back into the received bytes (this isn't guaranteed
+ // to work with all values but it will for this test value)
+ byte[] headerBytes =
cookieHeaders.get(0).getBytes(StandardCharsets.ISO_8859_1);
+ // Now convert those bytes to a String using UTF-8
+ String utf8Header = new String(headerBytes, StandardCharsets.UTF_8);
+ Assert.assertEquals("Test=\u0120", utf8Header);
+ }
+
+
+ private static class CookieServlet extends HttpServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ private final String cookieValue;
+
+ public CookieServlet(String cookieValue) {
+ this.cookieValue = cookieValue;
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ Cookie cookie = new Cookie("Test", cookieValue);
+ resp.addCookie(cookie);
+ resp.setContentType("text/plain");
+ resp.getWriter().print("OK");
+ }
+ }
+}
Propchange:
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieProcessorGenerationHttp.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1630911&r1=1630910&r2=1630911&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Oct 10 14:28:59 2014
@@ -64,6 +64,11 @@
variables. (markt)
</add>
<fix>
+ <bug>55951</bug>: Allow cookies to use UTF-8 encoded values in HTTP
+ headers. This requires the use of the RFC6265
+ <strong>CookieProcessor</strong>. (markt)
+ </fix>
+ <fix>
<bug>55984</bug>: Using the allow separators in version 0 cookies
option
with the legacy cookie processor should only apply to version 0
cookies.
Version 1 cookies with values that contain separators should not be
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
