This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new 4ae1ec6cf5 Incorrect processing of partitioned setting
4ae1ec6cf5 is described below
commit 4ae1ec6cf5c21db5add652256d9c420ba2656857
Author: remm <[email protected]>
AuthorDate: Tue Oct 7 14:46:04 2025 +0200
Incorrect processing of partitioned setting
BZ39836
Patch submitted by Marc Pynaert.
---
.../apache/tomcat/util/http/Rfc6265CookieProcessor.java | 2 +-
.../tomcat/util/http/TestCookieProcessorGeneration.java | 15 +++++++++++++++
webapps/docs/changelog.xml | 8 ++++++++
3 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/http/Rfc6265CookieProcessor.java
b/java/org/apache/tomcat/util/http/Rfc6265CookieProcessor.java
index 877d5e41ca..8f0b3bb40d 100644
--- a/java/org/apache/tomcat/util/http/Rfc6265CookieProcessor.java
+++ b/java/org/apache/tomcat/util/http/Rfc6265CookieProcessor.java
@@ -185,7 +185,7 @@ public class Rfc6265CookieProcessor extends
CookieProcessorBase {
header.append("; Partitioned");
}
} else {
- if (EMPTY_STRING.equals(cookiePartitioned)) {
+ if (EMPTY_STRING.equals(cookiePartitioned) ||
Boolean.parseBoolean(cookiePartitioned)) {
header.append("; Partitioned");
}
}
diff --git
a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
index e56a5aa675..4f95452e89 100644
--- a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
+++ b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
@@ -21,6 +21,8 @@ import jakarta.servlet.http.Cookie;
import org.junit.Assert;
import org.junit.Test;
+import org.apache.tomcat.util.descriptor.web.Constants;
+
public class TestCookieProcessorGeneration {
@Test
@@ -244,6 +246,19 @@ public class TestCookieProcessorGeneration {
rfc6265.setPartitioned(true);
Assert.assertEquals("foo=bar; Secure; HttpOnly; Partitioned",
rfc6265.generateHeader(cookie, null));
+
+ rfc6265.setPartitioned(false);
+ cookie.setAttribute(Constants.COOKIE_PARTITIONED_ATTR, "true");
+
+ Assert.assertEquals("foo=bar; Secure; HttpOnly; Partitioned",
rfc6265.generateHeader(cookie, null));
+
+ cookie.setAttribute(Constants.COOKIE_PARTITIONED_ATTR, "false");
+
+ Assert.assertEquals("foo=bar; Secure; HttpOnly",
rfc6265.generateHeader(cookie, null));
+
+ cookie.setAttribute(Constants.COOKIE_PARTITIONED_ATTR, "");
+
+ Assert.assertEquals("foo=bar; Secure; HttpOnly; Partitioned",
rfc6265.generateHeader(cookie, null));
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e036c90676..f42ca03c2c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -119,6 +119,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ <bug>69836</bug>: Incorrect processing of partitioned setting when
+ generating session cookie. Patch submitted by Marc Pynaert. (remm)
+ </fix>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 11.0.12 (markt)" rtext="release in progress">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
