Add a way to set custom cookie parsers #34081
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add a way to set custom cookie parsers to be compliant with rfc6265 section 4.1.1
spring-projects-issues
added
the
status: waiting-for-triage
bclozel
added
the
in: web
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add a way to set custom cookie parsers to be compliant with rfc6265 section 4.1.1
java.net.HttpCookie::parse still follows rfc2965: https://docs.oracle.com/javase/8/docs/api/java/net/HttpCookie.html#parse-java.lang.String-
That has been obsoleted from rfc6265: https://datatracker.ietf.org/doc/html/rfc6265
That in section 4.1.1 states the following:
So the MUST constraint from rfc2965 has been relaxed to SHOULD NOT in rfc6265
I think that taking this into account, it may also be a good idea to collapse some features between the Jetty response connector and the JDK response connector, and provide a way to customize the cookie parser.