Cookie name must be case sensitive

Motivation:

RFC 6265 does not state that cookie names must be case insensitive.

Modifications:

Fix io.netty.handler.codec.http.cookie.DefaultCookie#equals() method to
use case sensitive String#equals() and String#compareTo().

Result:

It is possible to parse several cookies with same names but with
different cases.
This commit is contained in:
Sergey Polovko 2016-08-22 19:51:45 +03:00 committed by Norman Maurer
parent 9bc3e56647
commit 3451b3cbb3
2 changed files with 23 additions and 6 deletions

View File

@ -135,7 +135,7 @@ public class DefaultCookie implements Cookie {
} }
Cookie that = (Cookie) o; Cookie that = (Cookie) o;
if (!name().equalsIgnoreCase(that.name())) { if (!name().equals(that.name())) {
return false; return false;
} }
@ -164,7 +164,7 @@ public class DefaultCookie implements Cookie {
@Override @Override
public int compareTo(Cookie c) { public int compareTo(Cookie c) {
int v = name().compareToIgnoreCase(c.name()); int v = name().compareTo(c.name());
if (v != 0) { if (v != 0) {
return v; return v;
} }

View File

@ -72,6 +72,10 @@ public class ServerCookieDecoderTest {
Iterator<Cookie> it = cookies.iterator(); Iterator<Cookie> it = cookies.iterator();
Cookie c; Cookie c;
c = it.next();
assertEquals("ARPT", c.name());
assertEquals("LWUKQPSWRTUN04CKKJI", c.value());
c = it.next(); c = it.next();
assertEquals("__utma", c.name()); assertEquals("__utma", c.name());
assertEquals("48461872.1094088325.1258140131.1258140131.1258140131.1", c.value()); assertEquals("48461872.1094088325.1258140131.1258140131.1258140131.1", c.value());
@ -90,10 +94,6 @@ public class ServerCookieDecoderTest {
"utmccn=(referral)|utmcmd=referral|utmcct=/Home-Garden/Furniture/Clearance/clearance/32/dept.html", "utmccn=(referral)|utmcmd=referral|utmcct=/Home-Garden/Furniture/Clearance/clearance/32/dept.html",
c.value()); c.value());
c = it.next();
assertEquals("ARPT", c.name());
assertEquals("LWUKQPSWRTUN04CKKJI", c.value());
c = it.next(); c = it.next();
assertEquals("kw-2E343B92-B097-442c-BFA5-BE371E0325A2", c.name()); assertEquals("kw-2E343B92-B097-442c-BFA5-BE371E0325A2", c.name());
assertEquals("unfinished_furniture", c.value()); assertEquals("unfinished_furniture", c.value());
@ -182,4 +182,21 @@ public class ServerCookieDecoderTest {
Set<Cookie> cookies = ServerCookieDecoder.STRICT.decode("name=\"foo;bar\";"); Set<Cookie> cookies = ServerCookieDecoder.STRICT.decode("name=\"foo;bar\";");
assertTrue(cookies.isEmpty()); assertTrue(cookies.isEmpty());
} }
@Test
public void testCaseSensitiveNames() {
Set<Cookie> cookies = ServerCookieDecoder.STRICT.decode("session_id=a; Session_id=b;");
Iterator<Cookie> it = cookies.iterator();
Cookie c;
c = it.next();
assertEquals("Session_id", c.name());
assertEquals("b", c.value());
c = it.next();
assertEquals("session_id", c.name());
assertEquals("a", c.value());
assertFalse(it.hasNext());
}
} }