Bill Barker wrote:
I agree that the patch is simply masking the real problem. With the current
mod_jk code what Tomcat sees is:
Cookie: myCookie=1234
Cookie: $Version=1
Huh, looking at the source I see the problem.
we are using:
'if (memcmp(p, "OOKIE", 5)'
so both cookie and cookie2 a
> -Original Message-
> From: Mladen Turk [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, December 07, 2005 10:09 AM
> To: Tomcat Developers List
> Subject: Re: [PATCH] Cookie, Cookie2 Header fix for mod_jk
>
> Andre Gebers wrote:
> > Hi,
> >
> > n
Andre Gebers wrote:
Hi,
newer versions of opera send the Cookie2-header along with the
Cookie-header which looks somewhat like this:
Right, but the patch would not work.
It would be a security hole, because the http rfc
diferentiates cookie from cookie2.
Right now the Cookie2 header is pas
Hi,
newer versions of opera send the Cookie2-header along with the
Cookie-header which looks somewhat like this:
GET /app/index2.html HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; X11; Linux i686; en)
Opera 8.51
Host: localhost:11620
Accept: text/html, application/xml;q=0.9, applic