6

I am trying to set a cookie with value unkown#4?Wn5pZ1JwQnlLEGRJAgB4WQU%3D in Servlet response.

But when I set the cookie in browser it is returned with quotes surrounding it like this:

"unkown#4?Wn5pZ1JwQnlLEGRJAgB4WQU%3D".

Why is this happening? We are using Jetty as application server.

I will put code which I have written

String cookieValue = "unkown#4?Wn5pZ1JwQnlLEGRJAgB4WQU%3D";
Cookie zedoCookie = new Cookie("cookiename", cookieValue);
zedoCookie.setMaxAge(31536000); // this is one year duration.
zedoCookie.setDomain("somedomain.com");
zedoCookie.setPath("/");
response.addCookie(zedoCookie);

Can someone put some light on this?

I have already had a look at this. But it does not seem to address my issue.

Community
  • 1
  • 1
Sam
  • 2,352
  • 4
  • 32
  • 45

1 Answers1

9

It seems like Jetty 8 (or earlier) treats the following characters as not allowed in Cookies: "\\n\r\t\f\b%+ ;= (HttpFields -> __COOKIE_DELIM). If one of these characters is contained in the value of the cookie, then the value will be enclosed in double quotes in the HTTP-Header. URL-Encoding does not solve the Problem, since then you will still have the % character inside. To me it seems like a bug. I posted a question to the Jetty mailing list. There is also another post on the mailing list, which explains why the cookie version is raised in Jetty version 9.

Kostas Filios
  • 718
  • 1
  • 9
  • 13
wolfs42
  • 796
  • 1
  • 5
  • 9
  • +1 Thanks for this. I had convert '+' -> '-', '/' -> '.', and '=' -> '_' to get my base64 cookie to be stored without spaces. – Gray Feb 17 '14 at 00:59