Author: markt
Date: Thu Apr 30 10:04:08 2015
New Revision: 1676943

URL: http://svn.apache.org/r1676943
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57871
Ensure that setting the allowHttpSepsInV0 property of LegacyCookieProcessor to 
false only prevents HTTP separators from being used without quotes.

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java?rev=1676943&r1=1676942&r2=1676943&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java 
Thu Apr 30 10:04:08 2015
@@ -184,7 +184,7 @@ public final class LegacyCookieProcessor
             if (allowHttpSepsInV0) {
                 allowedWithoutQuotes.set(sep);
             } else {
-                allowedWithoutQuotes.clear();
+                allowedWithoutQuotes.clear(sep);
             }
         }
         if (getForwardSlashIsSeparator() && !allowHttpSepsInV0) {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to