https://issues.apache.org/bugzilla/show_bug.cgi?id=55095
Bug ID: 55095 Summary: isV0Separator method fail on production environment - IllegalArgumentException : Control character in cookie value or attribute. Product: Tomcat 7 Version: 7.0.40 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: javier.dura...@mercadolibre.com I'm getting a low percent of requests failed due to an exception in the org/apache/tomcat/util/http/CookieSupport class. here is the code section: public static final boolean isV0Separator(final char c) { if (c < 0x20 || c >= 0x7f) { if (c != 0x09) { throw new IllegalArgumentException( "Control character in cookie value or attribute."); } } return V0_SEPARATOR_FLAGS[c]; } I believe that the problem is in the Cookie class: org/apache/tomcat/util/http/Cookies, in the "processCookieHeader" method line 340. I'm using the ALLOW_HTTP_SEPARATORS_IN_V0 flag, but the call to the isV0Separator method is before that, so it gets the Exception and then it cannot check the flag. It is possible to ignore this cookies? They are from a external domain so I cannot modify then, and I don't want to loose request because of this validation, I would like to ignore it. My stacktrace is: java.lang.IllegalArgumentException: Control character in cookie value or attribute. org.apache.tomcat.util.http.CookieSupport.isV0Separator (CookieSupport.java:153) org.apache.tomcat.util.http.Cookies.processCookieHeader (Cookies.java:340) org.apache.tomcat.util.http.Cookies.processCookies (Cookies.java:168) org.apache.tomcat.util.http.Cookies.getCookieCount (Cookies.java:106) …catalina.connector.CoyoteAdapter.parseSessionCookiesId (CoyoteAdapter.java:932) …ache.catalina.connector.CoyoteAdapter.postParseRequest (CoyoteAdapter.java:689) org.apache.catalina.connector.CoyoteAdapter.service (CoyoteAdapter.java:403) …g.apache.coyote.http11.AbstractHttp11Processor.process (AbstractHttp11Processor.java:1008) …ote.AbstractProtocol$AbstractConnectionHandler.process (AbstractProtocol.java:589) …apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run (JIoEndpoint.java:310) java.util.concurrent.ThreadPoolExecutor$Worker.runTask (ThreadPoolExecutor.java:886) java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:908) java.lang.Thread.run (Thread.java:662) Thanks -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org