Created attachment 34059 [details] patch against trunk The RFC2109 specification that defines the version 1 cookie says that whitespaces are allowed in quoted cookie value. However, the cookie parser (for Rfc6265CookieProcessor) does not allow whitespaces in quoted cookie value of the version 1 cookie. I made the patch that the cookie parser treats whitespace as enabled character.
Thanks of the report. There was a similar issue with tabs. This has been fixed in 9.0.x for 9.0.0.M10 onwards, 8.5.x for 8.5.5 onwards and 8.0.x for 8.0.37 onwards.