As per the discussion on the mailing list,
SecurityWrapperRequest.getHeaderValues is applying the HTTPHeaderValue
validator to the cookie headers and restricting the length to 150 chars.
Chris suggested that this method should ignore cookies along with
SecurityWrapperResponse too.
Original issue reported on code.google.com by luke.biddell on 31 Aug 2011 at 9:06
Original issue reported on code.google.com by
luke.biddellon 31 Aug 2011 at 9:06