Mercurial > hg > shenandoah-preopenjdk-archive > openjdk8 > jdk
changeset 7283:f6e6c27c19f3
7188517: Check on '$' character is missing in the HttpCookie class constructor
Summary: Modified the constructor code so that the cookie names are examined for leading dollar signs and if they do, an illegal argument exception is thrown.
Reviewed-by: chegar, khazra, michaelm
Contributed-by: john.zavgren@oracle.com
author | jzavgren |
---|---|
date | Fri, 31 May 2013 15:18:15 -0400 |
parents | 11cdcf87ad5d |
children | 198de8103df2 |
files | src/share/classes/java/net/HttpCookie.java test/java/net/CookieHandler/TestHttpCookie.java |
diffstat | 2 files changed, 8 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/java/net/HttpCookie.java Fri May 31 15:23:26 2013 -0400 +++ b/src/share/classes/java/net/HttpCookie.java Fri May 31 15:18:15 2013 -0400 @@ -128,8 +128,7 @@ * a {@code String} specifying the value of the cookie * * @throws IllegalArgumentException - * if the cookie name contains illegal characters or it is one of - * the tokens reserved for use by the cookie protocol + * if the cookie name contains illegal characters * @throws NullPointerException * if {@code name} is {@code null} * @@ -142,7 +141,7 @@ private HttpCookie(String name, String value, String header) { name = name.trim(); - if (name.length() == 0 || !isToken(name)) { + if (name.length() == 0 || !isToken(name) || name.charAt(0) == '$') { throw new IllegalArgumentException("Illegal cookie name"); } @@ -170,9 +169,8 @@ * @return a List of cookie parsed from header line string * * @throws IllegalArgumentException - * if header string violates the cookie specification's syntax, or - * the cookie name contains illegal characters, or the cookie name - * is one of the tokens reserved for use by the cookie protocol + * if header string violates the cookie specification's syntax or + * the cookie name contains illegal characters. * @throws NullPointerException * if the header string is {@code null} */
--- a/test/java/net/CookieHandler/TestHttpCookie.java Fri May 31 15:23:26 2013 -0400 +++ b/test/java/net/CookieHandler/TestHttpCookie.java Fri May 31 15:18:15 2013 -0400 @@ -243,6 +243,10 @@ test("set-cookie2: Customer = \"WILE_E_COYOTE\"; Version = \"1\"; Path = \"/acme\"") .n("Customer").v("WILE_E_COYOTE").ver(1).p("/acme"); + // $NAME is reserved; result should be null + test("set-cookie2: $Customer = \"WILE_E_COYOTE\"; Version = \"1\"; Path = \"/acme\"") + .nil(); + // a 'full' cookie test("set-cookie2: Customer=\"WILE_E_COYOTE\"" + ";Version=\"1\"" +