(tomcat) 03/04: Refactor the internal representation of the HttpOnly and Secure

Fri, 15 Mar 2024 11:50:44 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 4ca2a66d6203ce7843fbaa9fd47be82cba477781
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Mar 15 17:15:03 2024 +0000

    Refactor the internal representation of the HttpOnly and Secure
    
    Use the empty string as the value
    This is for consistency with the recent changes to Set-Cookie header
    generation
---
 java/jakarta/servlet/http/Cookie.java | 10 ++++++----
 webapps/docs/changelog.xml            |  6 ++++++
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/java/jakarta/servlet/http/Cookie.java 
b/java/jakarta/servlet/http/Cookie.java
index 22ddc5d3ff..5c52a59d47 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -54,6 +54,8 @@ public class Cookie implements Cloneable, Serializable {
 
     private static final CookieNameValidator validation = new 
RFC6265Validator();
 
+    private static final String EMPTY_STRING = "";
+
     private static final long serialVersionUID = 2L;
 
     /**
@@ -238,7 +240,7 @@ public class Cookie implements Cloneable, Serializable {
      * @see #getSecure
      */
     public void setSecure(boolean flag) {
-        setAttributeInternal(SECURE, Boolean.toString(flag));
+        setAttributeInternal(SECURE, EMPTY_STRING);
     }
 
 
@@ -251,7 +253,7 @@ public class Cookie implements Cloneable, Serializable {
      * @see #setSecure
      */
     public boolean getSecure() {
-        return Boolean.parseBoolean(getAttribute(SECURE));
+        return EMPTY_STRING.equals(getAttribute(SECURE));
     }
 
 
@@ -347,7 +349,7 @@ public class Cookie implements Cloneable, Serializable {
      * @since Servlet 3.0
      */
     public void setHttpOnly(boolean httpOnly) {
-        setAttributeInternal(HTTP_ONLY, Boolean.toString(httpOnly));
+        setAttributeInternal(HTTP_ONLY, EMPTY_STRING);
     }
 
 
@@ -359,7 +361,7 @@ public class Cookie implements Cloneable, Serializable {
      * @since Servlet 3.0
      */
     public boolean isHttpOnly() {
-        return Boolean.parseBoolean(getAttribute(HTTP_ONLY));
+        return EMPTY_STRING.equals(getAttribute(HTTP_ONLY));
     }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 042b5376d7..d8b9343f15 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -135,6 +135,12 @@
         equals sign or value. This will simplify future support for similar new
         attributes by removing the need for special handling. (markt)
       </update>
+      <scode>
+        Refactor the internal representation of the <code>HttpOnly</code> and
+        <code>Secure</code> attributes to use the empty string as the value for
+        consistency with the recent changes to <code>Set-Cookie</code> header
+        generation. (markt)
+      </scode>
     </changelog>
   </subsection>
   <subsection name="Jasper">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to