Joerg Schaefer wrote:
> Hi Mark,
> thanks for the quick reply.
> How can i realize option 1?
> How can i configure STRICT_SERVLET_COMPILANCE?
http://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html
Mark
-
To unsubscri
Hi Mark,
thanks for the quick reply.
How can i realize option 1?
How can i configure STRICT_SERVLET_COMPILANCE?
thanks,
Joerg
Mark Thomas
07.09.2009 15:17
Please respond to
"Tomcat Users List"
To
Tomcat Users List
cc
Subject
Re: Cookie value with equal sign getting
Joerg Schaefer wrote:
> It seems, that Tomcat doesn't allow a "= " sign in the cookie value.
It is the cookie specs that doesn't allow unquoted '=' and Tomcat got
stricter about enforcing the specs as a result of a couple of security
vulnerabilities.
> If there is a "=" it put the value into "" -
It seems, that Tomcat doesn't allow a "= " sign in the cookie value.
If there is a "=" it put the value into "" -signs.
This problem occurs with Tomcat 6.0.18.
Are there a workarounds available to disable this behavior?
regards, Joerg
*** DEPARTMENT DISCLAIMER ***
