Bug 55984 - Invalid V1 cookie generated if value contains separator and ALLOW_HTTP_SEPARATORS_IN_V0 is true
Summary: Invalid V1 cookie generated if value contains separator and ALLOW_HTTP_SEPARA...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 8.0.x-trunk
Hardware: All All
: P2 normal (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-01-10 03:04 UTC by Jeremy Boynes
Modified: 2014-10-03 08:41 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Boynes 2014-01-10 03:04:30 UTC 
If ALLOW_HTTP_SEPARATORS_IN_V0 is true, then setting a value for a V1 cookie containing a separator results in an invalid value per the V1 specification.

For example,
  Cookie cookie = new Cookie("foo", "a=b");
  cookie.setVersion(1);
will create a header of the form:
  Set-Cookie: foo=a=b; Version=1
which is not a valid header per RFC2109.

Because the version is specifically set to 1 the property should be ignored as this is not a V0 cookie. The result after auto-quoting would be
  Set-Cookie: foo="a=b"; Version=1

Alternatively this could result an IAE because the value «a=b» is not a token or quoted-string and hence not valid in a V1 cookie.
Comment 1 Mark Thomas 2014-10-03 08:41:24 UTC 
This has been fixed in 8.0.x for 8.0.15 onwards.