A recent change to cookie parsing that I think appeared in 6.0.16 has caused us some problems. Any cookies with an = in their values no longer parse correctly. For example: Cookie: A=b=c;D=e Prior to 6.0.16, this was properly parsed as A b=c D e In 6.0.16, this is parsed as A b D e
It would be appreciated if you took the time to search the bug database and/or the mail archives before filing a duplicate. *** This bug has been marked as a duplicate of bug 44679 ***
Sorry, I did, but the search form defaulted to only show Open bugs, so I missed it. You might want to reconsider changing the default to All.
I just tried the latest version from the trunk in subversion and this still fails. It looks like the offending code is in Cookies.processCookieHeader().
A=b=c is not a valid cookie header. the second '=' needs to be escaped.
Hey, I just discovered the org.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE system property in 6.0.24 as I was about to patch it with our fix to this issue, as I've always had to do since 6.0.16. Does this mean that this issue has now been fixed as long as I set that system property to "true"?