44871 – Cookie parsing issue

Bug 44871 - Cookie parsing issue

Summary: Cookie parsing issue

Status:	RESOLVED DUPLICATE of bug 44679

Alias:	None

Product:	Tomcat 5
Classification:	Unclassified
Component:	Servlet & JSP API (show other bugs)
Version:	5.5.26
Hardware:	PC Windows XP

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2008-04-24 13:15 UTC by Michael Moynihan
Modified:	2008-04-24 14:33 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Moynihan 2008-04-24 13:15:17 UTC

We've discovered an issue with the latest version of Tomcat 5 (5.5.25) & Tomcat 6 (6.0.16). The problem arises when doing base64 encoding of cookies in our application. When the cookie is encoded, the '=' character is used for padding. When it reaches the browser, the cookie is a valid base 64 encoded cookie and the '=' character is the last character.

However when the application retrieves the cookies sent back from the browser using a simple request.getCookie, we can see that the '=' char has been stripped away. This results in a an error when trying to decode. It could be as a result of the '=' being used as a delimiting character resulting in the request headers being incorrectly parsed.

This is only an issues with the latest versions of Tomcat 5 & 6. Previous version work ok.

Comment 1 Filip Hanik 2008-04-24 14:33:12 UTC


*** This bug has been marked as a duplicate of bug 44679 ***