Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #1396 - Correcting control character range

This commit is contained in:
Joakim Erdfelt 2017-03-15 16:26:39 -07:00
parent 528c1f7745
commit 77bd0a66b8
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
jetty-server/src/main/java/org/eclipse/jetty/server/Response.java
View File

@ -347,7 +347,10 @@ public class Response implements HttpServletResponse
for(; i<valueLen; i++)
{
char c = value.charAt(i);
if (c <= 0x1F)
// 0x00 - 0x1F are low order control characters
// 0x7F is the DEL control character
if ((c <= 0x1F) || (c == 0x7F))
throw new IllegalArgumentException("Control characters not allowed in RFC6265 Cookie value");
if ((c == ' ' /* 0x20 */) ||
(c == '"' /* 0x2C */) ||
@ -356,7 +359,7 @@ public class Response implements HttpServletResponse
{
throw new IllegalArgumentException("RFC6265 Cookie value may not contain character: [" + c + "]");
}
if (c >= 0x7F)
if (c >= 0x80)
throw new IllegalArgumentException("RFC6265 Cookie value characters restricted to US-ASCII range: 0x" + Integer.toHexString(c));
}
}