Ah, thanks! To be honest I'm not sure which of those properties would work around the "Control character in cookie value or attribute" exception.
Maybe org.apache.tomcat.util.http. ServerCookie.FWD_SLASH_IS_SEPARATOR? I can't tell if "Control character" means a literal non-printable character (i.e. something between 0x00 and 0x1F), or something else like a \ getting in there, like foo\nbar. Don't suppose it could be unicode in a cookie value that's causing this? Which seems more plausible to you, 0x00 or unicode? And any specific suggestions for config tweaks would be much appreciated! Dan On Fri, May 20, 2011 at 3:56 PM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > > From: Dan Checkoway [mailto:dchecko...@gmail.com] > > Subject: Control character in cookie value or attribute > > > I honestly have no idea if it's related to the tomcat version > > or some legitimately wacked out Set-Cookie header coming in. > > Both, actually. Tomcat 7 is bit more picky about what it accepts for cookies. You can control the behavior with the cookie-related properties listed here: > > http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html#Specification > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >