Bug 44442

Summary: getCookies method trouble
Product: Tomcat 6 Reporter: dead_lnx
Component: Servlet & JSP APIAssignee: Tomcat Developers Mailing List <dev>
Status: CLOSED INVALID    
Severity: normal    
Priority: P1    
Version: unspecified   
Target Milestone: default   
Hardware: Other   
OS: Windows XP   

Description dead_lnx 2008-02-16 23:05:45 UTC
Tomcat 6.0.16
If cookie includes character like '@' and ':', 
String after these character is ignored.

Ex. Cookie's value : test@examples.com
   request.getCookies()[0].getValue() // test
   ('@examples.com' is ignored!)
Comment 1 Mark Thomas 2008-02-17 01:28:54 UTC
That is because those characters are illegal in version 0 cookies (as per the
spec). You need to use version 1 cookies.

The cookie handling in 6.0.16 had an overhaul as a result of a couple of minor
security issues.

There will probably be an option to auto-switch to v1 cookies for this use case
in 6.0.17 onwards.
Comment 2 dead_lnx 2008-02-17 02:07:39 UTC
Thanks. I Understood.