JBoss EAP 5.0.1 Does not add Quotation marks for Cookies Values which has Special characters in it
Issue
- When trying to create a cookie with invalid characters is not escaped with double quotes for Cookie Values.
Cookie cookie = new Cookie("jboss_cookie_url", "http://www.jbosstest.com");
cookie.setPath("/");
cookie.setDomain("localhost.aa.dd");
cookie.setSecure(false);
cookie.setMaxAge(-1);
httpServletResponse.addCookie(cookie);
- Then the above code sends a cookie to the browser then we see the following Headers :
We can see that the Cookie value which has special characters in it is not placed inside a Quotation mark by default.
REQUEST & RESPONSE which is captured by the Http Header Watch
[http://localhost.aa.dd:8080/cookiedemo/ShowCookies](http://localhost.aa.dd:8080/cookiedemo/ShowCookies)
GET /cookiedemo/ShowCookies HTTP/1.1
Host: localhost.aa.dd:8080
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110318 Red Hat/3.6.15-2.el6_0 Firefox/3.6.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: jboss_cookie_url=http://www.jbosstest.com
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Set-Cookie: jboss_cookie_url=http://www.jbosstest.com; Domain=localhost.aa.dd; Expires=Tue, 03-May-2011 09:48:35 GMT; Path=/
Content-Length: 155
Date: Tue, 03 May 2011 09:48:05 GMT
Example:
The Following Result we Got:
Set-Cookie: jboss_cookie_url=http://www.jbosstest.com; Domain=localhost.aa.dd; Expires=Tue, 03-May-2011 09:48:35 GMT; Path=/
The Expected Result as following :
Set-Cookie: jboss_cookie_url="http://www.jbosstest.com"; Domain=localhost.aa.dd; Expires=Tue, 03-May-2011 09:48:35 GMT; Path=/
Environment
- JBoss Enterprise Application Platform (EAP)
- 5.0.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.