tomcat cookie domain validation

前端 未结 3 1010
野趣味
野趣味 2021-02-07 11:49

I\'m using tomcat 8.0.21 with the new Rfc6265 cookie processor. If there are cookies starting with a dot I\'m getting the following error:

java.lang.IllegalArgum         


        
相关标签:
3条回答
  • 2021-02-07 12:25

    With the new cookie processor on Tomcat 8, your cookie domain must start with a number or a letter. Removing the leading dot should get rid of this error.

    Try changing it to dot.db-app.de instead, or give it a new name entirely.

    0 讨论(0)
  • 2021-02-07 12:27

    I'm using a new version of Tomcat 8 (from this last October) and after add the line to force use the legacy cookie processor, it works fine. On your ${catalina.base}conf/context.xml:

    <Context>
    
    <!-- Default set of monitored resources. If one of these changes, the    -->
    <!-- web application will be reloaded.                                   -->
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
    
    <!-- Uncomment this to disable session persistence across Tomcat restarts -->
    <!--
    <Manager pathname="" />
    -->
    
    <!-- Force use the old Cookie processor (because this new tomcat version uses RFC6265 Cookie Specification) -->
    <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
    

    I hope this may be your case. Just set this CookieProcessor, and your implementation will be working as was in previous versions of Tomcat 8.

    0 讨论(0)
  • 2021-02-07 12:30

    You can revert Tomcat's behaviour by defining the legacy cookie processor in your context.xml file.

    See Apache Tomcat 8 Configuration Reference: The Cookie Processor Component

    0 讨论(0)
提交回复
热议问题