projects / tomcat7.0 / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9d2f9c6)
Only allow version switching on the "value" of the cookie, for the rest, just quote...
authorfhanik <fhanik@13f79535-47bb-0310-9956-ffa450edef68>
Wed, 19 Mar 2008 03:46:17 +0000 (03:46 +0000)
committerfhanik <fhanik@13f79535-47bb-0310-9956-ffa450edef68>
Wed, 19 Mar 2008 03:46:17 +0000 (03:46 +0000)
git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@638695 13f79535-47bb-0310-9956-ffa450edef68

java/org/apache/tomcat/util/http/ServerCookie.java patch | blob | history

diff --git a/java/org/apache/tomcat/util/http/ServerCookie.java b/java/org/apache/tomcat/util/http/ServerCookie.java
index 7919cd7..f50592d 100644 (file)
--- a/java/org/apache/tomcat/util/http/ServerCookie.java
+++ b/java/org/apache/tomcat/util/http/ServerCookie.java
@@ -255,7 +255,7 @@ public class ServerCookie implements Serializable {
         buf.append("=");
         // Servlet implementation does not check anything else
         
-        version = maybeQuote2(version, buf, value);
+        version = maybeQuote2(version, buf, value,true);
 
         // Add version 1 specific information
         if (version == 1) {
@@ -299,10 +299,7 @@ public class ServerCookie implements Serializable {
         // Path=path
         if (path!=null) {
             buf.append ("; Path=");
-            if (version>0)
-                maybeQuote2(version, buf, path); //don't quote the path for v0 cookies
-            else
-                buf.append(path);
+            maybeQuote2(version, buf, path);
         }
 
         // Secure
@@ -340,6 +337,10 @@ public class ServerCookie implements Serializable {
      * @param value
      */
     public static int maybeQuote2 (int version, StringBuffer buf, String value) {
+        return maybeQuote2(version,buf,value,false);
+    }
+
+    public static int maybeQuote2 (int version, StringBuffer buf, String value, boolean allowVersionSwitch) {
         if (value==null || value.length()==0) {
             buf.append("\"\"");
         }else if (containsCTL(value,version)) 
@@ -348,7 +349,7 @@ public class ServerCookie implements Serializable {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,1,value.length()-1));
             buf.append('"');
-        } else if ((!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value)) {
+        } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value)) {
             buf.append('"');
             buf.append(escapeDoubleQuotes(value,0,value.length()));
             buf.append('"');
Unnamed repository; edit this file to name it for gitweb.