morgand 01/05/14 12:57:13
Modified: httpclient/src/java/org/apache/commons/httpclient
Cookie.java
Log:
removed port numbers from cookies
Revision Changes Path
1.2 +33 -3
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Cookie.java
Index: Cookie.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Cookie.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Cookie.java 2001/04/25 18:42:50 1.1
+++ Cookie.java 2001/05/14 19:57:08 1.2
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Cookie.java,v
1.1 2001/04/25 18:42:50 remm Exp $
- * $Revision: 1.1 $
- * $Date: 2001/04/25 18:42:50 $
+ * $Header:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Cookie.java,v
1.2 2001/05/14 19:57:08 morgand Exp $
+ * $Revision: 1.2 $
+ * $Date: 2001/05/14 19:57:08 $
*
* ====================================================================
*
@@ -78,6 +78,7 @@
*
* @author B.C. Holmes
* @author <a href="mailto:[EMAIL PROTECTED]";>Park, Sung-Gu</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]";>Doug Sale</a>
*/
public class Cookie extends NameValuePair implements Serializable {
@@ -114,7 +115,7 @@
if (value == null) throw new NullPointerException("missing value");
if (domain == null) throw new NullPointerException("missing domain");
- this.m_domain = domain.toLowerCase();
+ this.setDomain(domain);
}
/**
@@ -193,6 +194,10 @@
* @see #getDomain()
*/
public void setDomain(String domain) {
+ int ndx = domain.indexOf(":");
+ if (ndx != -1) {
+ domain = domain.substring(0, ndx);
+ }
m_domain = domain.toLowerCase();
}
@@ -288,8 +293,32 @@
public static Header createCookieHeader(String domain,
String path, Vector cookies) {
+
+ // This code was allowing port values in the domain. This is not part
+ // of RFC2109.
+ //
+ // As per RFC2109 (from Section 2 - Terminology):
+ //
+ // The terms request-host and request-URI refer to the values the client
+ // would send to the server as, respectively, the host (but not port)
+ // and abs_path portions of the absoluteURI (http_URL) of the HTTP
+ // request line.
+ //
+ // RFC2965 includes ports in cookie-sending determination, but only
+ // when the cookie is received via a 'Set-Cookie2' header.
+ //
+ // Since this code doesn't support RFC2965, ports have been removed
+ // from domains before checking mathces.
+ //
+ // removing port from domain
+ int ndx = domain.indexOf(":");
+ if (ndx != -1) {
+ domain = domain.substring(0, ndx);
+ }
domain = domain.toLowerCase();
+
StringBuffer value = new StringBuffer("$Version=1");
+
// FIXME: cookies are supposed to be ordered with "better"
// matches first
for (Enumeration e = cookies.elements(); e.hasMoreElements(); ) {
@@ -351,6 +380,7 @@
"Bad Set-Cookie header: " + setCookie.getValue() +
"\nMissing value " + "for cookie '" +
headerElements[i].getName() + "'");
+
Cookie cookie = new Cookie(domain,
headerElements[i].getName(),
headerElements[i].getValue());
