craigmcc    01/09/25 13:40:42

  Modified:    catalina/src/share/org/apache/catalina/util CookieTools.java
  Log:
  Avoid NPE errors on malformed cookies with null names or values.  Note
  that this does *not* mean setting the value to null will cause a cookie to
  be deleted, as some applications mistakenly assume.  The correct way to
  delete a cookie is to call setMaxAge(0) before adding it to the response.
  
  Revision  Changes    Path
  1.6       +12 -5     
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/util/CookieTools.java
  
  Index: CookieTools.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/util/CookieTools.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- CookieTools.java  2001/09/05 18:35:32     1.5
  +++ CookieTools.java  2001/09/25 20:40:42     1.6
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/util/CookieTools.java,v
 1.5 2001/09/05 18:35:32 craigmcc Exp $
  - * $Revision: 1.5 $
  - * $Date: 2001/09/05 18:35:32 $
  + * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/util/CookieTools.java,v
 1.6 2001/09/25 20:40:42 craigmcc Exp $
  + * $Revision: 1.6 $
  + * $Date: 2001/09/25 20:40:42 $
    *
    * ====================================================================
    *
  @@ -108,9 +108,16 @@
   
           // this part is the same for all cookies
   
  -        buf.append(URLEncoder.encode(cookie.getName()));
  +        String name = cookie.getName();     // Avoid NPE on malformed cookies
  +        if (name == null)
  +            name = "";
  +        String value = cookie.getValue();
  +        if (value == null)
  +            value = "";
  +        
  +        buf.append(URLEncoder.encode(name));
           buf.append("=");
  -        maybeQuote(version, buf, URLEncoder.encode(cookie.getValue()));
  +        maybeQuote(version, buf, URLEncoder.encode(value));
   
           // add version 1 specific information
           if (version == 1) {
  
  
  

Reply via email to