|Summary:||The cookie parser (for Rfc6265CookieProcessor) does not allow whitespaces in quoted cookie value of the version 1 cookie|
|Product:||Tomcat 9||Reporter:||Kyohei Nakamura <nakamura.kyohei.lab>|
|Component:||Catalina||Assignee:||Tomcat Developers Mailing List <dev>|
|Attachments:||patch against trunk|
Description Kyohei Nakamura 2016-07-21 05:21:36 UTC
Created attachment 34059 [details] patch against trunk The RFC2109 specification that defines the version 1 cookie says that whitespaces are allowed in quoted cookie value. However, the cookie parser (for Rfc6265CookieProcessor) does not allow whitespaces in quoted cookie value of the version 1 cookie. I made the patch that the cookie parser treats whitespace as enabled character.
Comment 1 Mark Thomas 2016-08-04 18:51:57 UTC
Thanks of the report. There was a similar issue with tabs. This has been fixed in 9.0.x for 9.0.0.M10 onwards, 8.5.x for 8.5.5 onwards and 8.0.x for 8.0.37 onwards.