FloatDreamed 2017-07-26
I'm using tomcat 8.0.21 with the new Rfc6265 cookie processor. If there are cookies starting with a dot I'm getting the following error:
java.lang.IllegalArgumentException: An invalid domain [.db-app.de] was specified for this cookie org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:180) org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:122) org.apache.catalina.connector.Response.generateCookieString(Response.java:959) org.apache.catalina.connector.Response.addCookie(Response.java:907) org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:392) org.esigate.servlet.impl.ResponseSender.sendResponse(ResponseSender.java:70) com.bahn.esiExtensions.ExtendedProxyServlet.doFilter(ExtendedProxyServlet.java:104)
Is there a way to prevent tomcat from throwing this error?
I'm using a new version of Tomcat 8 (from this last October) and after add the line to force use the legacy cookie processor, it works fine. On your ${catalina.base}conf/context.xml
:
<Context> <!-- Default set of monitored resources. If one of these changes, the --> <!-- web application will be reloaded. --> <WatchedResource>WEB-INF/web.xml</WatchedResource> <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource> <!-- Uncomment this to disable session persistence across Tomcat restarts --> <!-- <Manager pathname="" /> --> <!-- Force use the old Cookie processor (because this new tomcat version uses RFC6265 Cookie Specification) --> <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
I hope this may be your case. Just set this CookieProcessor, and your implementation will be working as was in previous versions of Tomcat 8.