On 17/07/2012 10:17, Michael McMahon wrote:
Hi,
Could I get the following change reviewed please?
http://cr.openjdk.java.net/~michaelm/7183292/webrev.1/
Since 7u4, we are parsing all incoming cookies via the HttpCookie class.
This class has had a restriction on cookie names that is causing this
problem
and which is not required by any of the cookie specifications, as far as
I can see,
(rfc 2965, and 6265 which obsoletes 2965).
Right, this is my reading of the RFC's also. In fact, RFC 2965
explicitly states that "the NAME of a cookie MAY be the same as one of
the attributes in this specification".
The restriction was that cookie names could not be the same (case
insensitively)
as any of the attribute names (eg. Domain). So, the change is to remove
the restriction.
Yes, this makes sense to me.
One comment on the webrev is that isReserved also enforces that the name
cannot start with a '$', from 2965: "NAMEs that begin with $ are
reserved and MUST NOT be used by applications." I think you may need to
minimally reintroduce this. Otherwise, the changes look good to me.
-Chris.
Thanks,
Michael
