This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push: new 00b7666 Improve parsing of space around v1 cookie attributes 00b7666 is described below commit 00b7666237e0866a50a8cbbdc23b8ade2cb96d45 Author: Mark Thomas <ma...@apache.org> AuthorDate: Wed Jun 17 23:33:21 2020 +0100 Improve parsing of space around v1 cookie attributes --- java/org/apache/tomcat/util/http/parser/Cookie.java | 5 +++++ test/org/apache/tomcat/util/http/parser/TestCookie.java | 4 ++-- webapps/docs/changelog.xml | 5 +++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/http/parser/Cookie.java b/java/org/apache/tomcat/util/http/parser/Cookie.java index 181e052..24c33b2 100644 --- a/java/org/apache/tomcat/util/http/parser/Cookie.java +++ b/java/org/apache/tomcat/util/http/parser/Cookie.java @@ -286,6 +286,7 @@ public class Cookie { } if (parseAttributes) { + skipLWS(bb); skipResult = skipBytes(bb, PATH_BYTES); if (skipResult == SkipResult.FOUND) { skipLWS(bb); @@ -294,6 +295,7 @@ public class Cookie { skipInvalidCookie(bb); continue; } + skipLWS(bb); path = readCookieValueRfc2109(bb, true); if (path == null) { skipInvalidCookie(bb); @@ -318,6 +320,7 @@ public class Cookie { } if (parseAttributes) { + skipLWS(bb); skipResult = skipBytes(bb, DOMAIN_BYTES); if (skipResult == SkipResult.FOUND) { skipLWS(bb); @@ -326,11 +329,13 @@ public class Cookie { skipInvalidCookie(bb); continue; } + skipLWS(bb); domain = readCookieValueRfc2109(bb, false); if (domain == null) { skipInvalidCookie(bb); continue; } + skipLWS(bb); skipResult = skipByte(bb, COMMA_BYTE); if (skipResult == SkipResult.FOUND) { diff --git a/test/org/apache/tomcat/util/http/parser/TestCookie.java b/test/org/apache/tomcat/util/http/parser/TestCookie.java index c97e587..0f8a1dd 100644 --- a/test/org/apache/tomcat/util/http/parser/TestCookie.java +++ b/test/org/apache/tomcat/util/http/parser/TestCookie.java @@ -38,8 +38,8 @@ public class TestCookie { List<Object[]> parameterSets = new ArrayList<>(); String[] SEPS = new String[] { ",", ";" }; - String[] PATHS = new String[] { ";$Path=/foo", ""}; - String[] DOMAINS = new String[] { ";$Domain=bar.com", ""}; + String[] PATHS = new String[] { ";$Path=/foo", " ; $Path = /foo ", ""}; + String[] DOMAINS = new String[] { ";$Domain=bar.com", " ; $Domain = bar.com ", ""}; for (String sep1 : SEPS) { for (String path1 : PATHS) { diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 4c68770..84dbb14 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -94,6 +94,11 @@ to correctly handle input addresses that ended with a pair of colons. Based on a patch by syarramsetty-skyhook. (markt) </fix> + <fix> + Correctly parse RFC 2109 version 1 cookies that have additional linear + white space around cookie attrubute names and values when using the RFC + 6265 cookie processor. (markt) + </fix> </changelog> </subsection> <subsection name="Jasper"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org