Bug 55984 - Invalid V1 cookie generated if value contains separator and ALLOW_HTTP_SEPARATORS_IN_V0 is true
Invalid V1 cookie generated if value contains separator and ALLOW_HTTP_SEPARA...
Product: Tomcat 8
Classification: Unclassified
Component: Catalina
All All
: P2 normal (vote)
: ----
Assigned To: Tomcat Developers Mailing List
Depends on:
  Show dependency tree
Reported: 2014-01-10 03:04 UTC by Jeremy Boynes
Modified: 2014-10-03 08:41 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Boynes 2014-01-10 03:04:30 UTC
If ALLOW_HTTP_SEPARATORS_IN_V0 is true, then setting a value for a V1 cookie containing a separator results in an invalid value per the V1 specification.

For example,
  Cookie cookie = new Cookie("foo", "a=b");
will create a header of the form:
  Set-Cookie: foo=a=b; Version=1
which is not a valid header per RFC2109.

Because the version is specifically set to 1 the property should be ignored as this is not a V0 cookie. The result after auto-quoting would be
  Set-Cookie: foo="a=b"; Version=1

Alternatively this could result an IAE because the value «a=b» is not a token or quoted-string and hence not valid in a V1 cookie.
Comment 1 Mark Thomas 2014-10-03 08:41:24 UTC
This has been fixed in 8.0.x for 8.0.15 onwards.