tomcat中接受请求中的cookie值若含有等号，等号后内容会丢失

问题：

使用tomcat时，若某个cookie的值中含有等号，则从request.getCookies()再getValue()后会丢失等号之后的内容,例如：若cookie为ninfo=id=123&name=zhangshan;ntime=20150731,则从request.getCookies()取得名为ninfo的cookie值为“id"，而不是期望的“id=123&name=zhangshan”。

而同样的代码在jetty中就可正常取得。

对于这个问题，https://issues.apache.org/bugzilla/show_bug.cgi?id=44679这个链接里面有讨论.

核心内容为：

org.apache.tomcat.util.http.ServerCookie. ALLOW_EQUALS_IN_VALUE system property was introduced in Tomcat 6.0.24.

Tomcat truncating cookies with = values

Starting with Tomcat 6.0.18 and in Tomcat 7.x any cookie containing a “=” will be truncated. Where you would expect your cookie to hold all values, e.g. “value1=myname&value2=password” you will only be able to retrieve the “value1=”.

This is because Tomcat now adheres to the cookie spec more tightly than previous versions. If you are in control of the cookie you might be able to change it and work around this. If not, then you can can change the settings within the catalina.properties file by appending the following two settings:

org.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true
org.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0=true

解决：

在tomcat的catalina.sh里加入一行

CATALINA_OPTS="$CATALINA_OPTS -Dorg.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true -Dorg.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0=true"

参考：

http://bingoohuang.iteye.com/blog/1401461

http://thenitai.com/2013/05/02/tomcat-truncating-cookies-with-values/

转载于:https://my.oschina.net/u/1377774/blog/485997