问题:
使用tomcat时,若某个cookie的值中含有等号,则从request.getCookies()再getValue()后会丢失等号之后的内容,例如:若cookie为ninfo=id=123&name=zhangshan;ntime=20150731,则从request.getCookies()取得名为ninfo的cookie值为“id",而不是期望的“id=123&name=zhangshan”。
而同样的代码在jetty中就可正常取得。
对于这个问题,https://issues.apache.org/bugzilla/show_bug.cgi?id=44679这个链接里面有讨论.
核心内容为:
org.apache.tomcat.util.http.ServerCookie. ALLOW_EQUALS_IN_VALUE system property was introduced in Tomcat 6.0.24.
Tomcat truncating cookies with = values
Starting with Tomcat 6.0.18 and in Tomcat 7.x any cookie containing a “=” will be truncated. Where you would expect your cookie to hold all values, e.g. “value1=myname&value2=password” you will only be able to retrieve the “value1=”.
This is because Tomcat now adheres to the cookie spec more tightly than previous versions. If you are in control of the cookie you might be able to change it and work around this. If not, then you can can change the settings within the catalina.properties file by appending the following two settings:
org.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true
org.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0=true
解决:
在tomcat的catalina.sh里加入一行
CATALINA_OPTS="$CATALINA_OPTS -Dorg.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true -Dorg.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0=true"
参考:
http://bingoohuang.iteye.com/blog/1401461
http://thenitai.com/2013/05/02/tomcat-truncating-cookies-with-values/