
HttpServletRequestImpl.getCookies() should ignore illegal cookies rather than failing


Details

    Type: Bug
    Resolution: Done
    Priority: Major
    Fix Version/s: 1.2.0.Beta2
    Affects Version/s: 1.0.15.Final, 1.1.0.CR4, 1.2.0.Beta1
    Component/s: Servlet
    Labels: None

    Description

      This is a real case: on our web app, a user's request comes with an illegal cookie name, "ctx:1420m06d05". Our code calls getCookies() on the request to retrieve our own cookie, which has a legal name, but we can't, because the Cookie constructor from Servlet API 3.1 raises an IllegalArgumentException: Cookie name "ctx:1420m06d05" is a reserved token.

      This problem exists in all Undertow branches.

      Undertow's HttpServletRequestImpl.getCookies() should ignore illegal cookies by catching IllegalArgumentException when building a new Cookie; this is what Tomcat does, because cookie names cannot be trusted in incoming requests.

      See Request.parseCookies() at line 3028:

      http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Request.java

      14:15:26.806 ERROR [1A2nPixN-A1BAp-C54j2x7tq] TraiterExceptionVrchTcl - Cookie: 'testcookie=works; __utmc=80329874; __utma=80329874.325613860.1413373316.1413373316.1413373316.1; __utmb=80329874.37.7.1413374768025; __utmz=80329874.1413373316.1.1.utmcsr=ask|utmccn=(organic)|utmcmd=organic|utmctr=Horaires%20Tcl%20De%20Lyon; __utmt=1; JSESSIONID=1A2nPixN-A1BAp-C54j2x7tq.node06; ls_google_allow=1; ls_iserver_timestamp_bnc_bsaved=1413373242310; ctx:1420m06d05=7b2273756363657373223a302c226c6f675f616374697665223a317d'
      14:15:26.807 ERROR [1A2nPixN-A1BAp-C54j2x7tq] TraiterExceptionVrchTcl - Unknown error.
      java.lang.IllegalArgumentException: Cookie name "ctx:1420m06d05" is a reserved token
      at javax.servlet.http.Cookie.<init>(Cookie.java:192) ~[jboss-servlet-api_3.1_spec-1.0.0.Final.jar!/:1.0.0.Final]
      at io.undertow.servlet.spec.HttpServletRequestImpl.getCookies(HttpServletRequestImpl.java:145) ~[undertow-servlet-1.0.15.jar!/:1.0.15.Final]
      at org.springframework.web.util.WebUtils.getCookie(WebUtils.java:532) ~[spring-web-3.2.8.RELEASE.jar:3.2.8.RELEASE]

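The behaviour the report asks for, as an added example that is not Undertow's or Tomcat's code: parse a raw Cookie request header into servlet Cookie objects, and when the Servlet 3.1 Cookie constructor throws IllegalArgumentException for one name, drop only that cookie instead of failing the whole call. The point for a practitioner is that the header is entirely client-controlled, so without the per-cookie catch any code path that calls getCookies() (here Spring's WebUtils.getCookie() looking for JSESSIONID) can be made to fail by a single hostile cookie name. The example assumes the javax.servlet-api 3.1 jar on the classpath; the sample header in main() is the one from the log line in the report, and the class name LenientCookieParser is an assumption.

```java
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.Cookie;

// Added example, not Undertow's or Tomcat's code. Assumes a Servlet 3.1 API
// (javax.servlet-api) on the classpath: its Cookie constructor is the one
// that throws IllegalArgumentException for names such as "ctx:1420m06d05".
public final class LenientCookieParser {

    /** Cookies that survived, plus the names the Cookie constructor rejected. */
    public static final class Result {
        public final List<Cookie> cookies = new ArrayList<>();
        public final List<String> rejectedNames = new ArrayList<>();
    }

    /**
     * Parse one raw Cookie request header the way the issue asks
     * getCookies() to behave: a cookie whose name the servlet API
     * rejects is dropped, the remaining cookies are still returned.
     */
    public static Result parse(String cookieHeader) {
        Result result = new Result();
        if (cookieHeader == null) {
            return result;
        }
        for (String pair : cookieHeader.split(";")) {
            String trimmed = pair.trim();
            if (trimmed.isEmpty()) {
                continue; // tolerate "a=1;; b=2" and a trailing ';'
            }
            // Split on the FIRST '=' only: the __utmz value in the report
            // legitimately contains further '=' characters.
            int eq = trimmed.indexOf('=');
            String name = (eq < 0 ? trimmed : trimmed.substring(0, eq)).trim();
            String value = eq < 0 ? "" : trimmed.substring(eq + 1).trim();
            if (name.isEmpty()) {
                result.rejectedNames.add(trimmed); // "=foo": nothing to look it up by
                continue;
            }
            try {
                result.cookies.add(new Cookie(name, value));
            } catch (IllegalArgumentException e) {
                // Name is not an RFC 2616 token (here: it contains ':') or is a
                // reserved name. The client chose it, so skip only this cookie.
                result.rejectedNames.add(name);
            }
        }
        return result;
    }

    /** The lookup the reporter's application does through WebUtils.getCookie(). */
    public static Cookie find(Result parsed, String name) {
        for (Cookie c : parsed.cookies) {
            if (c.getName().equals(name)) {
                return c;
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Cookie header copied from the log line in the report above.
        String header = "testcookie=works; __utmc=80329874; "
                + "__utma=80329874.325613860.1413373316.1413373316.1413373316.1; "
                + "__utmb=80329874.37.7.1413374768025; "
                + "__utmz=80329874.1413373316.1.1.utmcsr=ask|utmccn=(organic)|utmcmd=organic|utmctr=Horaires%20Tcl%20De%20Lyon; "
                + "__utmt=1; JSESSIONID=1A2nPixN-A1BAp-C54j2x7tq.node06; ls_google_allow=1; "
                + "ls_iserver_timestamp_bnc_bsaved=1413373242310; "
                + "ctx:1420m06d05=7b2273756363657373223a302c226c6f675f616374697665223a317d";

        Result r = parse(header);
        System.out.println("kept " + r.cookies.size() + " cookies, rejected " + r.rejectedNames);
        Cookie session = find(r, "JSESSIONID");
        System.out.println("JSESSIONID = " + (session == null ? "(missing)" : session.getValue()));
        // With the unpatched getCookies() this lookup never ran: the constructor
        // for "ctx:1420m06d05" threw before JSESSIONID could be returned.
    }
}
```

Two caveats when applying this inside a container. The real fix in Undertow works on the cookie map the server has already parsed rather than re-splitting the header as this example does; the per-cookie try/catch is the part that matters. And when a cookie is dropped, log the rejected name at debug level only and never the value, since the value may be a session token or other secret.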
          People

            Assignee: Stuart Douglas (sdouglas1@redhat.com)
            Reporter: Gael ACTOLL (gmarziou, Inactive)