Index: java/org/apache/commons/httpclient/cookie/CookieSpecBase.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/cookie/CookieSpecBase.java,v retrieving revision 1.16.2.1 diff -u -r1.16.2.1 CookieSpecBase.java --- java/org/apache/commons/httpclient/cookie/CookieSpecBase.java 20 Oct 2003 22:27:37 -0000 1.16.2.1 +++ java/org/apache/commons/httpclient/cookie/CookieSpecBase.java 16 Dec 2003 17:45:47 -0000 @@ -419,9 +419,15 @@ // domain must match host if (!host.endsWith(cookie.getDomain())) { - throw new MalformedCookieException( - "Illegal domain attribute \"" + cookie.getDomain() - + "\". Domain of origin: \"" + host + "\""); + String s = cookie.getDomain(); + if (s.startsWith(".")) { + s = s.substring(1, s.length()); + } + if (!host.equals(s)) { + throw new MalformedCookieException( + "Illegal domain attribute \"" + cookie.getDomain() + + "\". Domain of origin: \"" + host + "\""); + } } } else { if (!host.equals(cookie.getDomain())) { Index: test/org/apache/commons/httpclient/TestCookie.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestCookie.java,v retrieving revision 1.22.2.1 diff -u -r1.22.2.1 TestCookie.java --- test/org/apache/commons/httpclient/TestCookie.java 20 Oct 2003 22:27:37 -0000 1.22.2.1 +++ test/org/apache/commons/httpclient/TestCookie.java 16 Dec 2003 17:45:50 -0000 @@ -1001,6 +1001,28 @@ assertEquals("$Version=0; name=; $Domain=.whatever.com; $Path=/", s); } + /** + * Tests if that invalid second domain level cookie gets + * rejected in the strict mode, but gets accepted in the + * browser compatibility mode. + */ + public void testSecondDomainLevelCookie() throws Exception { + Cookie cookie = new Cookie(".sourceforge.net", "name", null, "/", null, false); + cookie.setDomainAttributeSpecified(true); + cookie.setPathAttributeSpecified(true); + CookieSpec parser = null; + + parser = CookiePolicy.getSpecByPolicy(CookiePolicy.COMPATIBILITY); + parser.validate("sourceforge.net", 80, "/", false, cookie); + + parser = CookiePolicy.getSpecByPolicy(CookiePolicy.RFC2109); + try { + parser.validate("sourceforge.net", 80, "/", false, cookie); + fail("MalformedCookieException should have been thrown"); + } catch (MalformedCookieException e) { + // Expected + } + } }