
[GSS](7.2.z) UNDERTOW-1462 - Request cookie is incorrectly parsed when a backslash-escaped double quote exists in the quoted cookie value


EAP 7/Undertow parses a request cookie incorrectly when a backslash-escaped double quote (\") exists in the quoted cookie value.

• example.jsp
<%
Cookie[] cookies = request.getCookies();   // null when the request carries no Cookie header
if (cookies != null) {
    for (Cookie cookie : cookies) {
        out.println("cookie key = " + cookie.getName());
        out.println("cookie val = " + cookie.getValue());
    }
}
%>

• EAP 7 incorrectly parses the quoted cookie value "my\"value" as my\
$ curl -v http://localhost:8080/test/example.jsp -H 'Cookie: mykey="my\"value"'
...
> GET /test/example.jsp HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8080
> Accept: */*
> Cookie: mykey="my\"value"
> 
< HTTP/1.1 200 OK
< Connection: keep-alive
< X-Powered-By: Undertow/1
< X-Powered-By: JSP/2.3
< Server: JBoss-EAP/7
< ....
< 
cookie key = mykey
cookie val = my\

• EAP 6.4 can correctly parse the quoted cookie value "my\"value" as my"value:
$ curl -v http://localhost:8080/test/example.jsp -H 'Cookie: mykey="my\"value"'
...
> GET /test/example.jsp HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8080
> Accept: */*
> Cookie: mykey="my\"value"
> 
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< X-Powered-By: JSP/2.2
< ...
< 
cookie key = mykey
cookie val = my"value
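The following is an added example, not Undertow or EAP code, that shows how the two results above can arise from two ways of splitting a Cookie header value. parseNaive() ends a quoted value at the very next double quote and therefore reproduces the truncation reported here (my\ for "my\"value"); parse() treats a backslash inside a quoted value as an RFC 2616 quoted-pair and yields my"value, matching the EAP 6.4 output. The naive algorithm is an assumption made for illustration only and is not Undertow's actual parser. Why a defender cares: when a reverse proxy, a WAF and the application server decode the same cookie differently, session or CSRF tokens that contain escaped characters are compared against different values in different tiers, which is a parsing-differential risk rather than a mere functional bug.

```java
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Added example (not Undertow/EAP code): splitting a Cookie request-header
 * value into name/value pairs. parseNaive() ignores backslash escapes and
 * reproduces the reported symptom; parse() honours RFC 2616 quoted-pairs.
 * The naive algorithm is an assumption used to illustrate the symptom.
 */
public class CookieHeaderParser {

    /** Naive split: a quoted value ends at the very next '"', escapes ignored. */
    public static Map<String, String> parseNaive(String header) {
        Map<String, String> out = new LinkedHashMap<>();
        for (String pair : header.split(";")) {
            int eq = pair.indexOf('=');
            if (eq < 0) {
                continue; // no '=' means no cookie-pair here
            }
            String name = pair.substring(0, eq).trim();
            String value = pair.substring(eq + 1).trim();
            if (value.startsWith("\"")) {
                int close = value.indexOf('"', 1);
                // stops at the escaped quote, so "my\"value" becomes my\
                value = close < 0 ? value.substring(1) : value.substring(1, close);
            }
            out.put(name, value);
        }
        return out;
    }

    /** Escape-aware split: inside a quoted value, '\' followed by any char yields that char. */
    public static Map<String, String> parse(String header) {
        Map<String, String> out = new LinkedHashMap<>();
        int n = header.length();
        int i = 0;
        while (i < n) {
            // skip pair separators and surrounding whitespace
            while (i < n && (header.charAt(i) == ';' || header.charAt(i) == ' ' || header.charAt(i) == '\t')) {
                i++;
            }
            if (i >= n) {
                break;
            }
            int eq = header.indexOf('=', i);
            int semi = header.indexOf(';', i);
            if (eq < 0 || (semi >= 0 && semi < eq)) {
                // a bare token without '=' is not a cookie-pair; skip it
                i = semi < 0 ? n : semi + 1;
                continue;
            }
            String name = header.substring(i, eq).trim();
            i = eq + 1;
            StringBuilder value = new StringBuilder();
            if (i < n && header.charAt(i) == '"') {
                i++; // consume the opening quote
                while (i < n && header.charAt(i) != '"') {
                    char c = header.charAt(i);
                    if (c == '\\' && i + 1 < n) {
                        value.append(header.charAt(i + 1)); // quoted-pair: keep the escaped char
                        i += 2;
                    } else {
                        value.append(c);
                        i++;
                    }
                }
                if (i < n) {
                    i++; // consume the closing quote
                }
                // anything between the closing quote and the next ';' is discarded
                while (i < n && header.charAt(i) != ';') {
                    i++;
                }
            } else {
                int end = header.indexOf(';', i);
                if (end < 0) {
                    end = n;
                }
                value.append(header.substring(i, end).trim());
                i = end;
            }
            out.put(name, value.toString());
        }
        return out;
    }

    public static void main(String[] args) {
        // constructed header: the pair from the curl reproduction above plus two more
        String header = "mykey=\"my\\\"value\"; plain=abc; esc=\"a\\\\b\"";
        System.out.println("naive: " + parseNaive(header));
        System.out.println("aware: " + parse(header));
    }
}
```

Running main() prints both maps for the same header: the naive map holds the truncated value for mykey and the literal backslashes for esc, while the escape-aware map holds my"value and a\b. A quick way to check any server in the chain is to send the curl request from the description and compare what each tier logs or echoes for the cookie value.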

rhn-support-tmiyargi Teresa Miyar Gil (Inactive)
rhn-support-mmiura Masafumi Miura