Author: markt Date: Sun Nov 1 23:04:33 2009 New Revision: 831779 URL: http://svn.apache.org/viewvc?rev=831779&view=rev Log: Don't allow null or zero length cookie names.
Modified: tomcat/trunk/java/javax/servlet/http/Cookie.java
Modified: tomcat/trunk/java/javax/servlet/http/Cookie.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/http/Cookie.java?rev=831779&r1=831778&r2=831779&view=diff
==============================================================================
--- tomcat/trunk/java/javax/servlet/http/Cookie.java (original)
+++ tomcat/trunk/java/javax/servlet/http/Cookie.java Sun Nov 1 23:04:33 2009
@@ -17,7 +17,6 @@
 package javax.servlet.http;
 import java.text.MessageFormat;
-import java.util.Date;
 import java.util.ResourceBundle;
 /**
@@ -124,26 +123,30 @@
 */
 public Cookie(String name, String value) {
- if (!isToken(name)
- || name.equalsIgnoreCase("Comment") // rfc2019
- || name.equalsIgnoreCase("Discard") // 2019++
- || name.equalsIgnoreCase("Domain")
- || name.equalsIgnoreCase("Expires") // (old cookies)
- || name.equalsIgnoreCase("Max-Age") // rfc2019
- || name.equalsIgnoreCase("Path")
- || name.equalsIgnoreCase("Secure")
- || name.equalsIgnoreCase("Version")
- || name.startsWith("$")
- ) {
- String errMsg = lStrings.getString("err.cookie_name_is_token");
- Object[] errArgs = new Object[1];
- errArgs[0] = name;
- errMsg = MessageFormat.format(errMsg, errArgs);
- throw new IllegalArgumentException(errMsg);
- }
+ if (name == null || name.length() == 0) {
+ throw new IllegalArgumentException(
+ lStrings.getString("err.cookie_name_blank"));
+ }
+ if (!isToken(name)
+ || name.equalsIgnoreCase("Comment") // rfc2019
+ || name.equalsIgnoreCase("Discard") // 2019++
+ || name.equalsIgnoreCase("Domain")
+ || name.equalsIgnoreCase("Expires") // (old cookies)
+ || name.equalsIgnoreCase("Max-Age") // rfc2019
+ || name.equalsIgnoreCase("Path")
+ || name.equalsIgnoreCase("Secure")
+ || name.equalsIgnoreCase("Version")
+ || name.startsWith("$")
+ ) {
+ String errMsg = lStrings.getString("err.cookie_name_is_token");
+ Object[] errArgs = new Object[1];
+ errArgs[0] = name;
+ errMsg = MessageFormat.format(errMsg, errArgs);
+ throw new IllegalArgumentException(errMsg);
+ }
- this.name = name;
- this.value = value;
+ this.name = name;
+ this.value = value;
 }
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
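Review bot: The new null/empty branch looks up `err.cookie_name_blank`, but this revision lists only Cookie.java as modified, so if that key is not already present in the resource bundle behind `lStrings`, the constructor would fail with a MissingResourceException instead of the intended IllegalArgumentException; please confirm the property exists (it may have been added in a separate revision). The constructor's Javadoc ends just above the hunk and is not visible here, so it is worth checking that it documents the new contract, for example `@throws IllegalArgumentException if the name is null, zero length, not a token, or a reserved attribute name`, since callers often build cookie names from request-derived data. The `// rfc2019` comments on the re-indented lines are presumably a transposition of RFC 2109 and could be corrected while these lines are being touched.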