[
https://issues.apache.org/jira/browse/HTTPCLIENT-1006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15798515#comment-15798515
]
Detlev Beutner commented on HTTPCLIENT-1006:
--------------------------------------------
[~reschke] I will, thanks. Might take some days to write a precise but short
text, but I will follow up on this.
[~olegk] "Why would ..." Simply for reasons of compatibility. If the server
creates v1 cookies following RFC 2109 (or at least close to it), it is not
allowed to use "=" (%x3D) in the value if the value is not a quoted-string
(which again is a standard case for BASE64 encoded values). RFC 6265 can handle
such values; an implementation which reads the value and omits the DQs before
sending back the value will break the RFC 2109 logic on the server. (That's the
case in the example given far far above.)
Anyhow, I will come back on this later...
> BrowserCompatSpec: don't trim " around cookie value
> ---------------------------------------------------
>
> Key: HTTPCLIENT-1006
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1006
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (classic)
> Affects Versions: 4.0.2
> Reporter: Marc Guillemot
>
> If the server sends a cookie header like:
> Set-Cookie: first="hello world"
> then HttpClient parses it as cookie with value >hello world<, wrongly
> removing the leading and trailing quotes. The incorrect quote removal occurs
> in BasicHeaderValueParser.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
