Author: fmeschbe
Date: Sat Sep 18 18:08:58 2010
New Revision: 998508
URL: http://svn.apache.org/viewvc?rev=998508&view=rev
Log:
Don't quote cookie value and attributes
Modified:
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Modified:
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java?rev=998508&r1=998507&r2=998508&view=diff
==============================================================================
---
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
(original)
+++
sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
Sat Sep 18 18:08:58 2010
@@ -994,18 +994,18 @@ public class FormAuthenticationHandler e
final StringBuilder header = new StringBuilder();
// default setup with name, value, cookie path and HttpOnly
- header.append(name).append("=\"").append(value).append('"');
- header.append("; Path=\"").append(cookiePath).append('"');
+ header.append(name).append("=").append(value);
+ header.append("; Path=").append(cookiePath);
header.append("; HttpOnly"); // don't allow JS access
// set the cookie domain if so configured
if (domain != null) {
- header.append("; Domain=\"").append(domain).append('"');
+ header.append("; Domain=").append(domain);
}
// Only set the Max-Age attribute to remove the cookie
if (age >= 0) {
- header.append("; Max-Age=\"").append(age).append('"');
+ header.append("; Max-Age=").append(age);
}
// ensure the cookie is secured if this is an https request
