This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new bb9260d170 Fix BZ 70038 - Cookie.clone() should also clone internal
attribute map
bb9260d170 is described below
commit bb9260d170b2e57b54d107a54300b5f9d4428c06
Author: Mark Thomas <[email protected]>
AuthorDate: Tue May 12 07:54:17 2026 +0100
Fix BZ 70038 - Cookie.clone() should also clone internal attribute map
---
java/jakarta/servlet/http/Cookie.java | 7 ++++++-
test/jakarta/servlet/http/TestCookie.java | 9 ++++++---
webapps/docs/changelog.xml | 4 ++++
3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/java/jakarta/servlet/http/Cookie.java
b/java/jakarta/servlet/http/Cookie.java
index e699a88dfd..d9cb361136 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -332,7 +332,12 @@ public class Cookie implements Cloneable, Serializable {
@Override
public Object clone() {
try {
- return super.clone();
+ Cookie clone = (Cookie) super.clone();
+ if (attributes != null) {
+ clone.attributes = new
TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+ clone.attributes.putAll(attributes);
+ }
+ return clone;
} catch (CloneNotSupportedException e) {
throw new RuntimeException(e);
}
diff --git a/test/jakarta/servlet/http/TestCookie.java
b/test/jakarta/servlet/http/TestCookie.java
index a4def48a9e..9c751112bb 100644
--- a/test/jakarta/servlet/http/TestCookie.java
+++ b/test/jakarta/servlet/http/TestCookie.java
@@ -206,7 +206,7 @@ public class TestCookie {
@Test
public void testClone() {
- Cookie a = new Cookie("a", "a");
+ Cookie a = new Cookie("a-name", "a-value");
a.setDomain("domain");
a.setHttpOnly(true);
a.setMaxAge(123);
@@ -215,13 +215,16 @@ public class TestCookie {
Cookie b = (Cookie) a.clone();
- Assert.assertEquals("a", b.getName());
- Assert.assertEquals("a", b.getValue());
+ Assert.assertEquals("a-name", b.getName());
+ Assert.assertEquals("a-value", b.getValue());
Assert.assertEquals("domain", b.getDomain());
Assert.assertTrue(b.isHttpOnly());
Assert.assertEquals(123, b.getMaxAge());
Assert.assertEquals("/path", b.getPath());
Assert.assertTrue(b.getSecure());
+
+ b.setPath("new-path");
+ Assert.assertEquals("/path", a.getPath());
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c3c3390e3f..6f1a86738c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -118,6 +118,10 @@
Prevent duplicate log messages when clustering JARs are not present on
startup. (csutherl)
</fix>
+ <fix>
+ <bug>70038</bug>: <code>Cookie.clone()</code> should also clone the
+ internal attribute map. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Web applications">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
