Vojtech Szocs has uploaded a new change for review. Change subject: webadmin,root: Control scope of cookies in root webapp ......................................................................
webadmin,root: Control scope of cookies in root webapp This patch ensures that both "langPageShown" and "locale" cookies are explicitly scoped to root webapp context URL, i.e. cookie path is "/". Change-Id: Id3beef969b96bad40bbeef86708c7f62b3b690ad Bug-Url: https://bugzilla.redhat.com/966525 Signed-off-by: Vojtech Szocs <vsz...@redhat.com> --- M backend/manager/modules/root/src/main/java/org/ovirt/engine/core/DocsServlet.java M backend/manager/modules/root/src/main/java/org/ovirt/engine/core/SplashServlet.java 2 files changed, 7 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/84/15084/1 diff --git a/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/DocsServlet.java b/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/DocsServlet.java index 1711d2f..4a2d24f 100644 --- a/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/DocsServlet.java +++ b/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/DocsServlet.java @@ -83,6 +83,8 @@ private void setLangPageShown(HttpServletResponse response, boolean value) { Cookie cookie = new Cookie(LANG_PAGE_SHOWN, Boolean.toString(value)); + // Scope this cookie to the (root) application context URL + cookie.setPath("/" + getServletContext().getContextPath()); // Don't set max age, i.e. let this be a session cookie response.addCookie(cookie); } diff --git a/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/SplashServlet.java b/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/SplashServlet.java index af2c391..ce72ad6 100644 --- a/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/SplashServlet.java +++ b/backend/manager/modules/root/src/main/java/org/ovirt/engine/core/SplashServlet.java @@ -61,9 +61,12 @@ * @param userLocale The {@code Locale} to put in the cookie. */ private void setCookie(final HttpServletResponse response, final Locale userLocale) { - //Detected locale doesn't match the default locale, set a cookie. + // Detected locale doesn't match the default locale, set a cookie. Cookie cookie = new Cookie(LocaleFilter.LOCALE, userLocale.toString()); - cookie.setMaxAge(Integer.MAX_VALUE); //Doesn't expire. + // Scope this cookie to the (root) application context URL + cookie.setPath("/" + getServletContext().getContextPath()); + // This cookie never expires + cookie.setMaxAge(Integer.MAX_VALUE); response.addCookie(cookie); } -- To view, visit http://gerrit.ovirt.org/15084 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Id3beef969b96bad40bbeef86708c7f62b3b690ad Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vojtech Szocs <vsz...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
