On 14/11/2009, [email protected] <[email protected]> wrote:
> Author: markt
> Date: Sat Nov 14 03:47:48 2009
> New Revision: 836113
>
> URL: http://svn.apache.org/viewvc?rev=836113&view=rev
> Log:
> More cookie refactoring
> - new support class for common elements of parsing and writing
> - better consistency between parsing and writing
> - remove unused code
> - reduce visibility of methods where possible
> - auto-switch to v1 for any attribute that might require quoting
> - better names for constants
> - allow v0 cookies to break http spec (disabled by default)
> - update test cases and documentation
>
> Added:
> tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java (with
> props)
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesAllowHttpSeps.java
> (with props)
> Modified:
> tomcat/trunk/java/org/apache/tomcat/util/http/Cookies.java
> tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesAllowEquals.java
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesDefaultSysProps.java
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesDisallowEquals.java
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesNoFwdStrictSysProps.java
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesStrictSysProps.java
>
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookiesSwitchSysProps.java
> tomcat/trunk/webapps/docs/config/systemprops.xml
>
> Added: tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java?rev=836113&view=auto
>
> ==============================================================================
> --- tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java (added)
> +++ tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java Sat Nov
<snip/>
> + public static final boolean FWD_SLASH_IS_SEPARATOR;
> +
> + /**
> + * The list of separators that apply to version 0 cookies. To quote the
> + * spec, these are comma, semi-colon and white-space. The HTTP spec
> + * definition of linear white space is [CRLF] 1*( SP | HT )
> + */
> + public static final char[] V0_SEPARATORS = {',', ';', ' ', '\t'};
> + public static final boolean[] V0_SEPARATOR_FLAGS = new boolean[128];
public arrays are not immutable - entries can be changed accidentally
or maliciously.
As far as I can tell, the arrays could be made private without
breaking any code.
==
It looks like some/all of the booleans could also be made private -
why expose fields unnecessarily?
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
