Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8214171

HttpCookie.domainMatches implements RFC 2965 instead of RFC 6265

    Details

      Description

      A DESCRIPTION OF THE PROBLEM :
      The domain matching is defined slightly differently in the new RFC 6265 which obsoletes RFC 2965. Only the latter is implemented in HttpCookie.domainMatches(...), though (https://tools.ietf.org/html/rfc2965#section-3.3). Instead the rules from the newer RFC 6265 should be followed (https://tools.ietf.org/html/rfc6265#section-5.1.3).

      The following example gives different results in those two RFCs with respect to domain matching:

      cookie-domain: example.com, current-domain: some.sub.example.com, this should be a match according to RFC 6265 but should be no match according to the old RFC 2965.


        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                psonal Pallavi Sonal (Inactive)
                Reporter:
                webbuggrp Webbug Group
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: