Author: markt
Date: Wed May 21 18:54:28 2014
New Revision: 1596651
URL: http://svn.apache.org/r1596651
Log:
Apply patch 08 from jboynes to improve cookie handling.
Encapsulate use of ALWAYS_ADD_EXPIRES as it only applies to Set-Cookie
generation.
The patch should be safe since the logic is unchanged.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java
tomcat/trunk/java/org/apache/tomcat/util/http/SetCookieSupport.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java?rev=1596651&r1=1596650&r2=1596651&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java Wed May 21
18:54:28 2014
@@ -44,13 +44,6 @@ public final class CookieSupport {
public static final boolean ALLOW_HTTP_SEPARATORS_IN_V0;
/**
- * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
- * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then default
- * is false. Explicitly setting always takes priority.
- */
- public static final boolean ALWAYS_ADD_EXPIRES;
-
- /**
* If set to true, the <code>/</code> character will be treated as a
* separator. Default is usually false. If STRICT_SERVLET_COMPLIANCE==true
* then default is true. Explicitly setting always takes priority.
@@ -97,15 +90,6 @@ public final class CookieSupport {
"org.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0",
"false")).booleanValue();
- String alwaysAddExpires = System.getProperty(
- "org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES");
- if (alwaysAddExpires == null) {
- ALWAYS_ADD_EXPIRES = !STRICT_SERVLET_COMPLIANCE;
- } else {
- ALWAYS_ADD_EXPIRES =
- Boolean.valueOf(alwaysAddExpires).booleanValue();
- }
-
String preserveCookieHeader = System.getProperty(
"org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER");
if (preserveCookieHeader == null) {
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/SetCookieSupport.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/SetCookieSupport.java?rev=1596651&r1=1596650&r2=1596651&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/SetCookieSupport.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/SetCookieSupport.java Wed May
21 18:54:28 2014
@@ -29,6 +29,22 @@ import javax.servlet.http.Cookie;
* Support class for generating Set-Cookie header values.
*/
public class SetCookieSupport {
+ /**
+ * If set to false, we don't use the IE6/7 Max-Age/Expires work around.
+ * Default is usually true. If STRICT_SERVLET_COMPLIANCE==true then default
+ * is false. Explicitly setting always takes priority.
+ */
+ private static final boolean ALWAYS_ADD_EXPIRES;
+ static {
+ String alwaysAddExpires =
+
System.getProperty("org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES");
+ if (alwaysAddExpires != null) {
+ ALWAYS_ADD_EXPIRES =
Boolean.valueOf(alwaysAddExpires).booleanValue();
+ } else {
+ ALWAYS_ADD_EXPIRES =
!Boolean.getBoolean("org.apache.catalina.STRICT_SERVLET_COMPLIANCE");
+ }
+ }
+
// Other fields
private static final String OLD_COOKIE_PATTERN = "EEE, dd-MMM-yyyy
HH:mm:ss z";
private static final ThreadLocal<DateFormat> OLD_COOKIE_FORMAT =
@@ -107,7 +123,7 @@ public class SetCookieSupport {
}
// IE6, IE7 and possibly other browsers don't understand Max-Age.
// They do understand Expires, even with V1 cookies!
- if (version == 0 || CookieSupport.ALWAYS_ADD_EXPIRES) {
+ if (version == 0 || ALWAYS_ADD_EXPIRES) {
// Wdy, DD-Mon-YY HH:MM:SS GMT ( Expires Netscape format )
buf.append ("; Expires=");
// To expire immediately we need to set the time in past
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
