Hi,
I think cookies are still broken, and this is getting more and more
complex. The apparent issue is that the parser applies v1 parsing rules
when parsing v0 cookies (which are generated using a much more lenient
character exclusion), resulting in cookies that cannot be parsed back.
A simple example is a regular cookie session (!), where the path cannot
even be parsed back ('/' is now in the "specials" list).
Maybe we could parse as v0, and validate the bytes if the cookie turned
out to be v1 ?
Rémy
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
