RFR JDK7188517

Chris Hegarty chris.hegarty at oracle.com
Fri May 31 07:42:15 PDT 2013 

Looks fine to me John.

-Chris.

On 05/31/2013 01:11 PM, John Zavgren wrote:
> All:
>
> I'd like to give everyone another chance to weigh in on this change:
> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.04/
> so that I can wrap up this fix ASAP.
>
> (It makes HTTP cookies that begin with a dollar sign "illegal".)
>
> Thanks!
> John
>
> On 05/15/2013 07:54 AM, John Zavgren wrote:
>> Greetings:
>>
>> Can I get a show of hands on this RFR
>> (http://cr.openjdk.java.net/~jzavgren/7188517/webrev.04/)?
>> It's CCC request has been accepted and I'd like to wrap it up ASAP.
>>
>> Thanks!
>> John Zavgren
>>
>> On 05/09/2013 02:22 PM, John Zavgren wrote:
>>> Greetings:
>>> I made a mistake in my last RFR posting... the URL for the latest
>>> modifications is:
>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.04/
>>> instead of:
>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.03/
>>>
>>> The most recent change is to reinstate the original test that tested
>>> for cookie names that lead with a dollar sign.
>>>
>>> I'm sorry about the confusion.
>>>
>>> Thanks!
>>> John
>>>
>>>
>>> On 05/09/2013 03:42 PM, John Zavgren wrote:
>>>> Chris, et alia:
>>>> I put the reinstated the old test.
>>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.03/
>>>>
>>>> John
>>>>
>>>> ----- Original Message -----
>>>> From: chris.hegarty at oracle.com
>>>> To: john.zavgren at oracle.com
>>>> Cc: kurchi.subhra.hazra at oracle.com, net-dev at openjdk.java.net
>>>> Sent: Thursday, May 9, 2013 4:39:29 AM GMT -05:00 US/Canada Eastern
>>>> Subject: Re: RFR JDK7188517
>>>>
>>>> John,
>>>>
>>>> I think you can simply reinstate
>>>>
>>>> http://hg.openjdk.java.net/jdk8/jdk8/jdk/diff/7bd32bfc0539/test/java/net/CookieHandler/TestHttpCookie.java
>>>>
>>>>
>>>> -Chris.
>>>>
>>>> On 05/08/2013 09:02 PM, Kurchi Hazra wrote:
>>>>> I would have thrown an exception if the IllegalArgumentException is
>>>>> not
>>>>> obtained, otherwise the test looses its
>>>>> purpose, and will pass silently if someone mistakenly removes the $
>>>>> check in our code.
>>>>>
>>>>> - Kurchi
>>>>>
>>>>> On 5/8/2013 12:10 PM, John Zavgren wrote:
>>>>>> Greetings:
>>>>>>
>>>>>> I added a test for the leading dollar sign character in cookie names:
>>>>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.03/
>>>>>>
>>>>>> Thanks!
>>>>>> John
>>>>>>
>>>>>>
>>>>>> On 05/08/2013 08:33 AM, Michael McMahon wrote:
>>>>>>> On 08/05/13 09:50, Chris Hegarty wrote:
>>>>>>>> On 08/05/2013 10:35, Michael McMahon wrote:
>>>>>>>>> On 07/05/13 14:43, Chris Hegarty wrote:
>>>>>>>>>> On 05/06/2013 10:28 PM, Kurchi Hazra wrote:
>>>>>>>>>>> This looks okay to me.
>>>>>>>>>> Source changes look fine to me too. Probably best to add a test
>>>>>>>>>> for '$'
>>>>>>>>>>
>>>>>>>>>> In fact, Michael actually removed such a test [1] during another
>>>>>>>>>> change. We should get positive agreement from Michael before
>>>>>>>>>> pushing
>>>>>>>>>> this.
>>>>>>>>>>
>>>>>>>>> Yes, that was a positive test for for a cookie whose name began
>>>>>>>>> with '$'.
>>>>>>>>> I agree we should add a negative test now for a similar cookie.
>>>>>>>>>
>>>>>>>>> Source changes look fine to me too.
>>>>>>>> Thanks Michael,
>>>>>>>>
>>>>>>>> In which case, I believe the check that a cookie the name
>>>>>>>> '$Customer' throws IAE can be re-instated in TestHttpCookie.java
>>>>>>>>
>>>>>>> Right. I didn't realise the test was able to handle the IAE. I see
>>>>>>> now that it does and it should
>>>>>>> be possible to put the same test back.
>>>>>>>
>>>>>>> Michael
>>>>>>>> -Chris.
>>>>>>>>
>>>>>>>>> Michael
>>>>>>>>>
>>>>>>>>>> -Chris.
>>>>>>>>>>
>>>>>>>>>> [1] http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/7bd32bfc0539
>>>>>>>>>>
>>>>>>>>>>> - Kurchi
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 5/2/2013 10:09 AM, John Zavgren wrote:
>>>>>>>>>>>> All:
>>>>>>>>>>>> My original email was mangled by my email program
>>>>>>>>>>>> (stbeehive/zimbra)
>>>>>>>>>>>> ... so I'm sending a second correctly formatted copy.
>>>>>>>>>>>>
>>>>>>>>>>>> I'm sorry for the inconvenience.
>>>>>>>>>>>>
>>>>>>>>>>>> John
>>>>>>>>>>>> ---------------
>>>>>>>>>>>>
>>>>>>>>>>>> Please consider the following change to the cookie constructor:
>>>>>>>>>>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.01/
>>>>>>>>>>>> <http://cr.openjdk.java.net/%7Ejzavgren/7188517/webrev.01/>
>>>>>>>>>>>>
>>>>>>>>>>>> Basically there are two issues:
>>>>>>>>>>>>
>>>>>>>>>>>> 1.) the existing cookie constructor was allowing cookie
>>>>>>>>>>>> names to
>>>>>>>>>>>> have
>>>>>>>>>>>> a dollar sign as their leading character,
>>>>>>>>>>>> which is "illegal". The constructor code was modified to
>>>>>>>>>>>> disallow
>>>>>>>>>>>> these illegal names.
>>>>>>>>>>>>
>>>>>>>>>>>> 2.) the API document (notice the specdiff:
>>>>>>>>>>>> http://cr.openjdk.java.net/~jzavgren/7188517/specDiff/
>>>>>>>>>>>> <http://cr.openjdk.java.net/%7Ejzavgren/7188517/specDiff/>)
>>>>>>>>>>>> prohibited
>>>>>>>>>>>> the use of cookie names that are one of the tokens reserved for
>>>>>>>>>>>> use by
>>>>>>>>>>>> the cookie protocol, and this restriction is not necessary.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks!
>>>>>>>>>>>> John Zavgren
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>> From: john.zavgren at oracle.com
>>>>>>>>>>>> To: net-dev at openjdk.java.net
>>>>>>>>>>>> Sent: Thursday, May 2, 2013 10:36:38 AM GMT -05:00 US/Canada
>>>>>>>>>>>> Eastern
>>>>>>>>>>>> Subject: RFR JDK7188517
>>>>>>>>>>>>
>>>>>>>>>>>> Greetings: Please consider the following change to the cookie
>>>>>>>>>>>> constructor:
>>>>>>>>>>>> http://cr.openjdk.java.net/~jzavgren/7188517/webrev.01/
>>>>>>>>>>>> Basically there are two issues: 1.) the existing cookie
>>>>>>>>>>>> constructor
>>>>>>>>>>>> was allowing cookie names to have a dollar sign as their
>>>>>>>>>>>> leading
>>>>>>>>>>>> character, which is "illegal". The constructor code was
>>>>>>>>>>>> modified to
>>>>>>>>>>>> disallow these illegal names. 2.) the API document (notice the
>>>>>>>>>>>> specdiff:
>>>>>>>>>>>> http://cr.openjdk.java.net/~jzavgren/7188517/specDiff/)
>>>>>>>>>>>> prohibited the use of cookie names that are one of the tokens
>>>>>>>>>>>> reserved
>>>>>>>>>>>> for use by the cookie protocol, and this restriction is not
>>>>>>>>>>>> necessary.
>>>>>>>>>>>> Thanks! John Zavgren
>>>>>>>>>>> --
>>>>>>>>>>> -Kurchi
>>>>>>>>>>>
>>>>>>
>>
>>
>
>

More information about the net-dev mailing list