From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Tue, 17 Nov 2009 20:49:04 +0000 (+0000)
Subject: Better handle edge cases when allowing = in cookie value
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=06e71e675353a0daaa76b4e95a5629a427fffe75;p=tomcat7.0

Better handle edge cases when allowing = in cookie value

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@881500 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/tomcat/util/http/Cookies.java b/java/org/apache/tomcat/util/http/Cookies.java
index 7249cb08c..bb663ce09 100644
--- a/java/org/apache/tomcat/util/http/Cookies.java
+++ b/java/org/apache/tomcat/util/http/Cookies.java
@@ -323,7 +323,8 @@ public final class Cookies { // extends MultiMap {
                     if (version == 0 &&
                                 !CookieSupport.isV0Separator((char)bytes[pos]) &&
                                 CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0 ||
-                            !CookieSupport.isHttpSeparator((char)bytes[pos])) {
+                            !CookieSupport.isHttpSeparator((char)bytes[pos]) ||
+                            bytes[pos] == '=' && CookieSupport.ALLOW_EQUALS_IN_VALUE) {
                         // Token
                         valueStart=pos;
                         // getToken returns the position at the delimeter