Thanks Kurchi.
I have made one small change to another test, which was specifically
testing the $name assertion.
So, that test had to be removed.
The new webrev is at :
http://cr.openjdk.java.net/~michaelm/7183292/webrev.3/
- Michael
On 17/07/12 18:15, Kurchi Subhra Hazra wrote:
I have read the sections dealing with cookie-name in 6265, and these
changes look good to me.
- Kurchi
On 7/17/12 7:32 AM, Michael McMahon wrote:
Thanks for reviewing this Chris. On the question of whether $ should
be allowed
in cookie names, it appears like that restriction has been removed
from RFC 6265,
which is evidently a fairly comprehensive description of actual
cookie usage on the web.
So, maybe we should just leave that out as well - assuming that it is
being used in places
(albeit in contravention of the older RFC). What do you think?
- Michael
On 17/07/2012 14:18, Chris Hegarty wrote:
On 17/07/2012 10:17, Michael McMahon wrote:
Hi,
Could I get the following change reviewed please?
http://cr.openjdk.java.net/~michaelm/7183292/webrev.1/
Since 7u4, we are parsing all incoming cookies via the HttpCookie
class.
This class has had a restriction on cookie names that is causing this
problem
and which is not required by any of the cookie specifications, as
far as
I can see,
(rfc 2965, and 6265 which obsoletes 2965).
Right, this is my reading of the RFC's also. In fact, RFC 2965
explicitly states that "the NAME of a cookie MAY be the same as one
of the attributes in this specification".
The restriction was that cookie names could not be the same (case
insensitively)
as any of the attribute names (eg. Domain). So, the change is to
remove
the restriction.
Yes, this makes sense to me.
One comment on the webrev is that isReserved also enforces that the
name cannot start with a '$', from 2965: "NAMEs that begin with $
are reserved and MUST NOT be used by applications." I think you may
need to minimally reintroduce this. Otherwise, the changes look good
to me.
-Chris.
Thanks,
Michael
