| Re: [servlet-dev] EE10 TCK cookie test question |
On 23/09/2022 20:28, pmd1nh-bus@xxxxxxxxxxx wrote:
Hi,In the TCK cookie TestServlet, the getDomainTest() looks for a cookie "$Domain".https://github.com/eclipse-ee4j/jakartaee-tck/blob/master/src/com/sun/ts/tests/servlet/api/jakarta_servlet_http/cookie/TestServlet.java#L196 <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_eclipse-2Dee4j_jakartaee-2Dtck_blob_master_src_com_sun_ts_tests_servlet_api_jakarta-5Fservlet-5Fhttp_cookie_TestServlet.java-23L196&d=DwMFAw&c=jf_iaSHvJObTbx-siA1ZOg&r=9C4a3aHxnMXQDcmdNsTtD8Wble9v2OY7sISUZ_ShTds&m=fIcKeskfCwAWPBJVFdYotEsarOI0klOjdOsRY7oRzs2u-4bGsBSMh5YLrQyLTdlt&s=abP9iStnGUXpbuBZcLG-VTHfLL1_0O7bMnqObl1OMxg&e=>The comment in that class is confusing. // RFC 6265 treats the domain attribute of an RFC 2109 cookie as a separate // cookie Why do we want to turn an attribute into a new and separate cookie?
RFC 6265 does not recognize RFC 2109 attributes and treats them as separate cookies.
Servlet 6 *only* supports RFC 6265 so if an RFC 2109 cookie is sent by the client, it will be seen as multiple cookies.
The changes to the TCK were done that way partly as it was a minimal change that allowed the TCK to pass and partly as it ensures that cookies are being processed based on RFC 6265 and not RFC 2109 or any of the other old cookie specs.
How do we suppose to associate a Domain attribute to a request's Cookie if the $Domain now turning into a separate cookie?
You don't. RFC 2109 cookies are no longer supported.
Same goes for the getPathTest().
Same explanation as above.
Also, both of these tests refer to getDomain() and getPath() respectively in their log statements;
Those could be improved.
Are these tests supposed to verify the getDomain() and getPath() that sent via the request's Cookie?
No. The tests are intended to ensure that an RFC 2109 compliant cookie sent by the client is processed as expected as per the requirements of RFC 6265.
Mark