Fri Jul 10 2020 17:02:33 UTC
/ is the root of /all/evil
Hide Search Description
38 bugs found.
ID Product Comp Assignee Status Resolution Summary Changed
55917 Tomcat 8 Connecto dev RESO FIXE Cookie parsing fails hard with ISO-8859-1 values 2014-09-02
55918 Tomcat 8 Connecto dev RESO FIXE CTL characters may appear in quoted values for RFC2109 V1 cookies 2014-09-02
55920 Tomcat 8 Connecto dev RESO FIXE Quotes should not be removed from quoted cookie values 2014-10-07
55921 Tomcat 8 Connecto dev RESO FIXE Cookie values in JSON format are not skipped correctly when parsing fails 2014-09-02
55951 Tomcat 8 Connecto dev RESO FIXE HTML5 specifies UTF-8 encoding for cookie values 2014-10-10
55960 Tomcat 8 Catalina dev RESO FIXE TestSSOnonLoginAndBasicAuthenticator is flawed and incomplete 2014-01-09
55975 Tomcat 8 Catalina dev RESO FIXE Inconsistent escaping applied to V0 cookie values 2014-06-06
55984 Tomcat 8 Catalina dev RESO FIXE Invalid V1 cookie generated if value contains separator and ALLOW_HTTP_SEPARATORS_IN_V0 is true 2014-10-03
56256 Tomcat 8 Catalina dev RESO INVA Multiple cookies and parallel deployment 2014-03-14
56393 Tomcat 8 Catalina dev RESO FIXE Implement RFC6265 for Cookie parsing 2014-10-02
56394 Tomcat 8 Catalina dev RESO FIXE Allow cookie-parsing to be pluggable 2014-10-01
56666 Tomcat 8 Catalina dev RESO FIXE Improve code that clears SSO cookie 2014-07-03
56917 Tomcat 8 Catalina dev RESO FIXE Create a configuration to write relative 302 responses instead of absolute 2015-12-01
57287 Tomcat 8 Catalina dev RESO FIXE Sort files listed by DefaultServlet 2019-05-05
57629 Tomcat 8 Connecto dev RESO WONT sending large file with Expect: 100-continue wrong messages order 2015-02-26
58445 Tomcat 8 Util dev RESO FIXE Valid domain characters in Rfc6265CookieProcessor are incomplete 2015-09-22
58578 Tomcat 8 Catalina dev RESO FIXE NullPointerException in Request.parseCookies(). 2015-11-03
58660 Tomcat 8 Catalina dev RESO FIXE Different redirect behaviour when accessing path without a / 2016-11-21
58765 Tomcat 8 Catalina dev RESO FIXE Default behavior change in tomcat 8.0.29-30 context root redirect process 2015-12-28
58891 Tomcat 8 Document dev RESO FIXE Bad and/or dangerous SSL/TLS documentation 2016-05-23
59703 Tomcat 8 Catalina dev RESO INVA RFC 6265 Cookie Processor doesn't allow cookie domains with a leading dot. 2019-09-17
60208 Tomcat 8 Catalina dev RESO FIXE Regression: Cookies whose names match the web application context are now missing from request.getCookies() result 2016-10-06
60627 Tomcat 8 Catalina dev RESO FIXE Wrong cookie makes Rfc6265CookieProcessor ommit all following cookies 2017-01-27
60788 Tomcat 8 Catalina dev RESO WONT Cookies value contains quotes when the Cookie header contains $Version=1 and the header's value is enclosed by quotes 2017-03-01
60876 Tomcat 8 Catalina dev RESO FIXE Rfc6265CookieProcessor: syntax of Set-Cookie header deviates from spec 2017-03-16
61150 Tomcat 8 Catalina dev RESO FIXE One of the session attributes on the [host-]manager application is disallowed by the Security Manager 2017-06-11
61194 Tomcat 8 Cluster dev RESO INVA Duplicate sessions I'd is getting create 2017-06-16
61289 Tomcat 8 Connecto dev RESO INVA NullPointerException in Response.generateCookieString() 2017-08-21
61299 Tomcat 8 Catalina dev RESO INVA cookie bug in tomcat-embed-core jar 2017-07-16
61542 Tomcat 8 Catalina dev RESO FIXE Apache Tomcat Remote Code Execution via JSP Upload bypass 2020-01-16
62273 Tomcat 8 Specific dev RESO FIXE Add support for alternate URL specification 2018-11-20
62278 Tomcat 8 Catalina dev RESO INVA User session are mixed up after internal exceptions 2018-04-12
62771 Tomcat 8 Catalina dev RESO INVA Lost Cookie header (at least) just after request parse 2018-09-28
63312 Tomcat 8 Catalina dev RESO FIXE Unable to set status code on response after the status code was set to >= 400 2019-10-24
63324 Tomcat 8 Catalina dev RESO FIXE CrawlerSessionManagerValve is getting put into Session, which causes problems when serializing sessions 2019-05-01
63771 Tomcat 8 Catalina dev RESO INVA A way to strip 'Secure' From the cookie 2019-09-25
63865 Tomcat 8 Catalina dev RESO FIXE Cookie Attribute SameSite=None is default to unset in Chrome browser 2020-02-28
64574 Tomcat 8 Connecto dev RESO INVA Some HTTP/1.1 responses are broken (missing headers, empty chunks) 2020-07-02
38 bugs found.

as

File a new bug in the "Tomcat 8" product