marcsaeg 01/08/12 16:26:57
Modified: src/share/org/apache/tomcat/util Tag: tomcat_32
RequestUtil.java
Log:
Wrapped cookie creation in a try/catch block so that invalid cookies won't
abort request processing.
Submitted by: Jeff Kilbride [[EMAIL PROTECTED]]
Revision Changes Path
No revision
No revision
1.14.2.6 +17 -4
jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/RequestUtil.java
Index: RequestUtil.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/RequestUtil.java,v
retrieving revision 1.14.2.5
retrieving revision 1.14.2.6
diff -u -r1.14.2.5 -r1.14.2.6
--- RequestUtil.java 2001/05/21 14:58:57 1.14.2.5
+++ RequestUtil.java 2001/08/12 23:26:57 1.14.2.6
@@ -184,10 +184,23 @@
String name = token.substring(0, i).trim();
String value = token.substring(i+1, token.length()).trim();
- // RFC 2109 and bug
- value=stripQuote( value );
- Cookie cookie = new Cookie(name, value);
- cookies.addElement(cookie);
+ // RFC 2109 and bug
+ value=stripQuote( value );
+
+ // Wrap the cookie creation in a try/catch to prevent bad
+ // cookie names from killing the request -- Bug #1141
+ try {
+ Cookie cookie = new Cookie(name, value);
+ cookies.addElement(cookie);
+ }
+ catch ( java.lang.IllegalArgumentException iae ) {
+
+ // Log the original cookie header string, so we
+ // can see what is causing this
+ System.err.println(iae.getMessage() + "\n" +
+ "Cookie Header: " + cookieString);
+ }
+
} else {
// we have a bad cookie.... just let it go
}
