[jira] [Commented] (CXF-6729) Version 1 NewCookie is not compliant with RFC 2109

Neal Hu (JIRA) Mon, 11 Jan 2016 19:12:07 -0800

    [ 
https://issues.apache.org/jira/browse/CXF-6729?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15093212#comment-15093212
 ]


Neal Hu commented on CXF-6729:
------------------------------

RI checks the whitespace only for the value/comment/path/domain, please see:
https://github.com/jersey/jersey/blob/master/core-common/src/main/java/org/glassfish/jersey/message/internal/NewCookieProvider.java


>  Version 1 NewCookie is not compliant with RFC 2109
> ---------------------------------------------------
>
>                 Key: CXF-6729
>                 URL: https://issues.apache.org/jira/browse/CXF-6729
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 3.0.7, 3.1.4
>         Environment: Windows
>            Reporter: Neal Hu
>             Fix For: 3.1.5, 3.0.8
>
>
> Hi,
> From http://www.ietf.org/rfc/rfc2109.txt and 
> http://stackoverflow.com/questions/572482/why-do-cookie-values-with-whitespace-arrive-at-the-client-side-with-quotes
> the version 1 cookie look like: name="value with 
> spaces";Max-Age=3600;Path="/";Version=1
> NewCookieHeaderProvider.toString(NewCookie) has not handled the special 
> characters(RFC2068) that need around with quotes



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CXF-6729) Version 1 NewCookie is not compliant with RFC 2109

Reply via email to