On 13/07/2016 07:28, Kyohei Nakamura wrote: > Hi all, > > The documentation of the Cookie Processor says that the > Rfc6265CookieProcessor is based on the RFC6265. > The RFC6265 specification does not allow the Version attribute in the > Cookie header. > However the Rfc6265CookieProcessor handles the version 1 cookie ($Version=1). > I think the Rfc6265CookieProcessor should complies with the RFC6265 > specification that does not allow the Version attribute. > > Why does the Rfc6265CookieProcessor handle the version 1 cookie?
The CookieProcessor implementation determines how Tomcat writes Set-Cookie headers, not how it reads them. To provide backwards compatibility for clients that send RFC2109 compliant cookies, Rfc6265CookieProcessor reads them using RFC2019 parsing rules. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org