-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch to io.netty.handler.codec.http.cookie.Cookie in order to support cookies with duplicate keys #1749
Conversation
map.put(cookie.getName(), existing); | ||
} | ||
existing.add(cookie); | ||
map.computeIfAbsent(cookie.name(), k -> new ArrayList<>(1)).add(cookie); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯
has = true; | ||
break; | ||
} | ||
Cookie cookie = ClientCookieDecoder.STRICT.decode(setCookieValue); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Intentional to use STRICT here vs LAX in HttpRequestMessageImpl.java
and further down in add/setCookie?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I maintained the strict/lax behavior. By default CookieDecoder.decode() uses strict, but for whatever reason ServerCookieEncoder.encode uses lax
Co-authored-by: Gavin Bunney <[email protected]>
…rt cookies with duplicate keys (#1749) * Switch to newer netty cookie parser * more deprecated usages * bump minor version * Update gradle.properties Co-authored-by: Gavin Bunney <[email protected]> --------- Co-authored-by: Gavin Bunney <[email protected]>
We've been using the deprecated
io.netty.handler.codec.http.Cookie
andCookieDecoder.decode
.CookieDecoder
is unable to handle duplicate key names, so I had to switch us to the newer decoder. I'm also bumping to 2.5.0 since I had to make breaking changes to interfaces