Re: svn commit: r1723506 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/connector/CoyoteAdapter.java java/org/apache/catalina/connector/Request.java webapps/docs/changelog.xml

Thu, 07 Jan 2016 06:06:29 -0800 

On 07/01/2016 13:05, Konstantin Kolinko wrote:
> 2016-01-07 13:19 GMT+03:00  <ma...@apache.org>:
>> Author: markt
>> Date: Thu Jan  7 10:19:14 2016
>> New Revision: 1723506
>>
>> URL: http://svn.apache.org/viewvc?rev=1723506&view=rev
>> Log:
>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58809
>> Correctly recycle the cookies when mapping requests for parallel deployment

<snip/>

>> Modified: 
>> tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java
>> URL: 
>> http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java?rev=1723506&r1=1723505&r2=1723506&view=diff
>> ==============================================================================
>> --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java 
>> (original)
>> +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java Thu 
>> Jan  7 10:19:14 2016

<snip/>

>> @@ -554,6 +552,16 @@ public class Request
>>      }
>>
>>
>> +    protected void recycleCookieInfo(boolean recycleCoyote) {
>> +        cookiesParsed = false;
> 
> Setting "cookiesParsed = false" means that processing of HTTP headers
> will be repeated.
> 
> This second processing is possible only if
> org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER
> system property is "true", but it is false by default.
> 
> http://tomcat.apache.org/tomcat-8.0-doc/config/systemprops.html
> 
> 
> As this feature is needed, I think that setting has to be hard-coded as 
> "true".

Only an issue if using quoted cookie values with escaped double quotes
in the value (which I suspect is pretty rare outside of our tests).
There is a similar issue in 9.0.x as well.

Rather than always copy the entire cookie header (which could be
expensive) I'll look at copying the value only if necessary in
LegacyCookieProcessor.unescapeDoubleQuotes()

I agree the option will have to be removed / made NO-OP.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to