Bug 44871 - Cookie parsing issue
Cookie parsing issue
Status: RESOLVED DUPLICATE of bug 44679
Product: Tomcat 5
Classification: Unclassified
Component: Servlet & JSP API
5.5.26
PC Windows XP
: P2 normal (vote)
: ---
Assigned To: Tomcat Developers Mailing List
:
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2008-04-24 13:15 UTC by Michael Moynihan
Modified: 2008-04-24 14:33 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Moynihan 2008-04-24 13:15:17 UTC
We've discovered an issue with the latest version of Tomcat 5 (5.5.25) & Tomcat 6 (6.0.16). The problem arises when doing base64 encoding of cookies in our application. When the cookie is encoded, the '=' character is used for padding. When it reaches the browser, the cookie is a valid base 64 encoded cookie and the '=' character is the last character.

However when the application retrieves the cookies sent back from the browser using a simple request.getCookie, we can see that the '=' char has been stripped away. This results in a an error when trying to decode. It could be as a result of the '=' being used as a delimiting character resulting in the request headers being incorrectly parsed.

This is only an issues with the latest versions of Tomcat 5 & 6. Previous version work ok.
Comment 1 Filip Hanik 2008-04-24 14:33:12 UTC

*** This bug has been marked as a duplicate of bug 44679 ***