This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 7ba46bd074 Fix BZ 70038 - Cookie.clone() should also clone internal
attribute map
7ba46bd074 is described below
commit 7ba46bd0747d92e019bd0077156e8d9ea7fc068d
Author: Mark Thomas <[email protected]>
AuthorDate: Tue May 12 07:54:17 2026 +0100
Fix BZ 70038 - Cookie.clone() should also clone internal attribute map
---
java/jakarta/servlet/http/Cookie.java | 7 ++++++-
test/jakarta/servlet/http/TestCookie.java | 9 ++++++---
webapps/docs/changelog.xml | 4 ++++
3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/java/jakarta/servlet/http/Cookie.java
b/java/jakarta/servlet/http/Cookie.java
index e217e58644..51d22a7704 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -340,7 +340,12 @@ public class Cookie implements Cloneable, Serializable {
@Override
public Object clone() {
try {
- return super.clone();
+ Cookie clone = (Cookie) super.clone();
+ if (attributes != null) {
+ clone.attributes = new
TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+ clone.attributes.putAll(attributes);
+ }
+ return clone;
} catch (CloneNotSupportedException e) {
throw new RuntimeException(e);
}
diff --git a/test/jakarta/servlet/http/TestCookie.java
b/test/jakarta/servlet/http/TestCookie.java
index a4def48a9e..9c751112bb 100644
--- a/test/jakarta/servlet/http/TestCookie.java
+++ b/test/jakarta/servlet/http/TestCookie.java
@@ -206,7 +206,7 @@ public class TestCookie {
@Test
public void testClone() {
- Cookie a = new Cookie("a", "a");
+ Cookie a = new Cookie("a-name", "a-value");
a.setDomain("domain");
a.setHttpOnly(true);
a.setMaxAge(123);
@@ -215,13 +215,16 @@ public class TestCookie {
Cookie b = (Cookie) a.clone();
- Assert.assertEquals("a", b.getName());
- Assert.assertEquals("a", b.getValue());
+ Assert.assertEquals("a-name", b.getName());
+ Assert.assertEquals("a-value", b.getValue());
Assert.assertEquals("domain", b.getDomain());
Assert.assertTrue(b.isHttpOnly());
Assert.assertEquals(123, b.getMaxAge());
Assert.assertEquals("/path", b.getPath());
Assert.assertTrue(b.getSecure());
+
+ b.setPath("new-path");
+ Assert.assertEquals("/path", a.getPath());
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9ce88d3c3f..a5b00a454b 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -215,6 +215,10 @@
Add support for literal <code>'%'</code> characters in access log
output. Based on pull request <pr>1002</pr> by Fabian Hahn. (markt)
</add>
+ <fix>
+ <bug>70038</bug>: <code>Cookie.clone()</code> should also clone
internal
+ attribute map. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
