Hi,
While upgrading to Netty 4.1.5, I noticed the following behaviour with
cookie decoding:
STRICT cookie decoder silently ignores all incorrect cookies: For example
@Test
public void testCookieDecoder() throws Exception {
// Invalid cookie name as it contains a delimiter ',' character:
Set<Cookie> cookies =
ServerCookieDecoder.STRICT.decode("HttpOnly,hparg=foo;\n");
System.out.println("Decoded: " + cookies);
}
This will print:
"Decoded: []"
Now the caller remains completely clueless that there in fact was an
invalid cookie present. This doesn't throw any exceptions due to illegal
cookie names. I assume this is by design?
If so it would be useful to have a version of .decode() that could be used
for validation purposes. One that would throw an exception when faced with
invalid cookie names etc. What do you think?
Many thanks,
Mikko
--
You received this message because you are subscribed to the Google Groups
"Netty discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/netty/e4a7ad3d-8a43-424c-9e3f-b3a8c1bc4b86%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
