jakartaee / servlet

Jakarta Servlet
https://eclipse.org/ee4j/servlet
Other
266 stars 87 forks source link

Fix #37 - update Cookie class for RFC 6265 #446

Closed markt-asf closed 2 years ago

markt-asf commented 2 years ago

In summary:

The reason I am proposing this for 6.0 as that I started to look at the TCK and noted that Tomcat's "pass the TCK" mode included various settings for use RFC 2109 rather than RFC 6265. I also recall a TCK challenge caused by the Javadoc continuing to refer to RFC 2109. It struck me that we really should try and get this into 6.0.

The changes turned out to be fairly minimal. Effectively disabling version should have minimal effect as RFC 2965 was never really implemented by any browser.

Reducing the restrictions on cookie names should safe as well.

markt-asf commented 2 years ago

The forced push was just a re-base with a minor conflict resolved in the unit test.

markt-asf commented 2 years ago

I'm intending to leave this PR open for further comment while I work on updating Tomcat to remove RFC 2109 support. I'm not expecting that to identify that further changes are required to this PR but you never know - and it gives folks more time to review the PR.

markt-asf commented 2 years ago

The forced pushed includes the following: