[jira] [Created] (WW-4437) Bug in CookieInterceptor

Fri, 19 Dec 2014 08:30:08 -0800 

Chris Pratt created WW-4437:
-------------------------------

             Summary: Bug in CookieInterceptor
                 Key: WW-4437
                 URL: https://issues.apache.org/jira/browse/WW-4437
             Project: Struts 2
          Issue Type: Bug
          Components: Core Interceptors
    Affects Versions: 2.3.20
            Reporter: Chris Pratt


Sorry, I don't have an environment set up to create a patch, but I found an 
error in the {{CookieInterceptor.isAccepted()}} method.  It currently looks 
like:

{code:java}
/**
 * Checks if name of Cookie match {@link #acceptedPattern}
 *
 * @param name of Cookie
 * @return true|false
 */
protected boolean isAccepted(String name) {
    boolean matches = acceptedPattern.matcher(name).matches();
    if (matches) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Cookie [#0] matches acceptedPattern [#1]", name, 
ACCEPTED_PATTERN);
        }
    } else {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Cookie [#0] doesn't match acceptedPattern [#1]", name, 
ACCEPTED_PATTERN);
        }
    }
    return matches;
}
{code}

But it would be more useful if it actually reported the RegEx being used 
instead of the default.  And, it would be more performant if the comparisons 
were reversed.  So something more like:

{code:java}
/**
 * Checks if name of Cookie match {@link #acceptedPattern}
 *
 * @param name of Cookie
 * @return true|false
 */
protected boolean isAccepted (String name) {
  boolean matches = acceptedPattern.matcher(name).matches();
  if(LOG.isTraceEnabled()) {   
    if(matches) {
      LOG.trace("Cookie [#0] matches acceptedPattern 
[#1]",name,acceptedPattern.pattern());
    } else {
      LOG.trace("Cookie [#0] doesn't match acceptedPattern 
[#1]",name,acceptedPattern.pattern());
    }
  }
  return matches;
}
{code}

In addition, it looks like the default and the override are handled 
differently.  The current code compiles the default case-insensitive, but not 
the override pattern.  Shouldn't that be consistent?

{code:java}
private Pattern acceptedPattern = 
Pattern.compile(ACCEPTED_PATTERN,Pattern.CASE_INSENSITIVE);

public void setAcceptCookieNames (String pattern) {
  acceptedPattern = Pattern.compile(pattern);
}
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to