{noformat} Caused by: java.lang.IllegalArgumentException: Cookie name "a:b" is a reserved token at javax.servlet.http.Cookie.<init>(Cookie.java:139) {noformat}
I'm not sure there is much we can do about it if the standard Servlet refuse cookie names with colon in it.
From what I see in "javax.servlet.http.Cookie" 3.1.0 code you can change a bit the validation be by setting the System property "org.glassfish.web.rfc2109_cookie_names_enforced" to false (as in -Dorg.glassfish.web.rfc2109_cookie_names_enforced=false) which then only check for ",", ";" and white space.
It feels like a won't fix to me (and just document how to change the validation behavior if an admin really wants to). |
|