-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 John,
On 1/27/20 9:37 AM, John Dale wrote: > Over the years I found it more productive to manage my own headers > for the most part. > > The key for us has been keeping the code clean and manageable. +1 But there isn't any reason not to use Tomcat's header parsing. If you have anything that could be considered odd, you should encode it in a safe way that doesn't require that you play other games with the cookie value. For example, base64 encoding a cookie value should make it header-safe, as long as you make sure to use a base64 encoder that doesn't add newlines. - -chris > On 1/27/20, Lazar Kirchev <lazar.kirc...@gmail.com> wrote: >> Hello, >> >> In Tomcat >= 8 there is the CookieProcessor in which cookie >> configurations could be made, including for SameSite cookie. Is >> there any way to configure this in Tomcat 7? Or the only way is >> to configure it manually in code? >> >> Kind regards, Lazar >> > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4wUtwACgkQHPApP6U8 pFi+NRAAhLyyE3tQuxUnkDEfBWD/myhclfgBtij85I/ovcYKqG1vZ13k4il4Ti2u eybk7C59WXnoaoiCL59JU/fC3a+p/hnK404FEH51iQ6TybSOC4BQjrzojiDCKSgi w0enCMkmbrEJNAYmg9SH4aqtet1tbxSMTjvEwHCxog3W1LEFeB2GXz9zvxyUQ82m Z1cSVjPn0sgzlV1UwABJnnxxveke2oH+CXpNtWR4eY/EjO3aC/sHfHJPyxNGFfUy xiT+S8Mv5K53M5Uz4+CGDIUWpu1/IwhRCtrS4FynMgm+l+ukPkdh96tlEfHx4mUF k+qo7vLcpq674QyYfPw94vRJ2BolwnoEtvPpIpNGa96QP1otP5WbJo+msr49pa/h +KLVw/nByH6+lv/K/Zt2bL/emKwoc+0Zb7eqEdJnOPBMXyXlSqoU5XHxpc6UFNA/ zCjXCRV/A0pXuHZDFXpjKS0tnwDj7fUsPuHHK8kol10ZhjZ672NLoXt5sFMiqXk9 tWk2bnUfTxxJaO13g86bIKLIch2UiSw2Dtg3qtbEHjm1VxTEscaJnFkX5I606x2d LW9dNhnBG4bEOt22sCb+iI5duw5HezDPVNUN4AsHizu3bZQlJIt/dOHJFXppyCfm 53+tZGs9veAG8Vlz3/DbLdTod92pxX6gGbmjJsU3TonPc4mMdNY= =UIAx -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
