[
https://issues.apache.org/jira/browse/CXF-6729?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15091902#comment-15091902
]
Sergey Beryozkin commented on CXF-6729:
---------------------------------------
By the way, what does RI do, does it auto-wrap or expects the application code
to do it itself ?
I'm asking because checking a supplied value for all the special characters
obviously slows the response down, and besides, Cookie.fromString() would need
to be updated to unwrap the value if it is a quoted string.
It all sounds reasonable but given the sensitivity of it (TCK compliance, and
the interoperability between different JAX-RS stacks), we need to double check
before making the change :-)
> Version 1 NewCookie is not compliant with RFC 2109
> ---------------------------------------------------
>
> Key: CXF-6729
> URL: https://issues.apache.org/jira/browse/CXF-6729
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 3.0.7, 3.1.4
> Environment: Windows
> Reporter: Neal Hu
> Fix For: 3.1.5, 3.0.8
>
>
> Hi,
> From http://www.ietf.org/rfc/rfc2109.txt and
> http://stackoverflow.com/questions/572482/why-do-cookie-values-with-whitespace-arrive-at-the-client-side-with-quotes
> the version 1 cookie look like: name="value with
> spaces";Max-Age=3600;Path="/";Version=1
> NewCookieHeaderProvider.toString(NewCookie) has not handled the special
> characters(RFC2068) that need around with quotes
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
