JBoss EAP 7 parses a request cookie incorrectly when a backslash-escaped double quote exists in the quoted cookie value

Solution Unverified - Updated

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 7.x

Issue

JBoss EAP 7 parses a request cookie incorrectly when a backslash-escaped double quote exists in the quoted cookie value.

For example, the quoted cookie value "example \"cookie\" value" is parsed incorrectly as example \. As a result, Cookie#getValue() returns the incorrect value example \ when it should return example "cookie" value. Note that JBoss EAP 6.x returns the correct value, example "cookie" value.

  • example.jsp
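<%
// Print the name and value of every cookie as the container parsed it.
// getCookies() returns null when the request carries no cookies.
Cookie[] cookies = request.getCookies();
if (cookies != null) {
    for (Cookie cookie : cookies) {
        out.println("cookie key = " + cookie.getName());
        out.println("cookie val = " + cookie.getValue());
    }
}
%>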
  • Send a request whose quoted cookie value contains a backslash-escaped double quote:
$ curl -v http://localhost:8080/test/example.jsp -H 'Cookie: EXAMPLECOOKIE="example \"cookie\" value"'
...
> GET /test/example.jsp HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8080
> Accept: */*
> Cookie: EXAMPLECOOKIE="example \"cookie\" value"
> 
< HTTP/1.1 200 OK
< Connection: keep-alive
< X-Powered-By: Undertow/1
< X-Powered-By: JSP/2.3
< Server: JBoss-EAP/7
< ....
< 
cookie key = EXAMPLECOOKIE
cookie val = example \
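
The truncation shown above can be reproduced with a small model of the two parsing behaviours. This is an added example, not code from JBoss EAP or Undertow: the class QuotedCookieDemo and both methods are hypothetical, and naiveValue only assumes that the value is closed at the first double quote, which matches the observed output.

```java
public class QuotedCookieDemo {

    // Hypothetical model of the faulty behaviour: the quoted value is closed by the
    // first double quote that follows, whether or not a backslash precedes it.
    static String naiveValue(String pair) {
        int start = pair.indexOf('=') + 1;
        if (start >= pair.length() || pair.charAt(start) != '"') {
            return pair.substring(start);          // unquoted value, taken as-is
        }
        int end = pair.indexOf('"', start + 1);
        return end < 0 ? pair.substring(start + 1) : pair.substring(start + 1, end);
    }

    // Escape-aware parsing: inside quotes a backslash makes the next character
    // literal, so \" does not terminate the value.
    static String escapeAwareValue(String pair) {
        int start = pair.indexOf('=') + 1;
        if (start >= pair.length() || pair.charAt(start) != '"') {
            return pair.substring(start);          // unquoted value, taken as-is
        }
        StringBuilder out = new StringBuilder();
        for (int i = start + 1; i < pair.length(); i++) {
            char c = pair.charAt(i);
            if (c == '\\' && i + 1 < pair.length()) {
                out.append(pair.charAt(++i));      // keep the escaped character, drop the backslash
            } else if (c == '"') {
                break;                             // an unescaped quote closes the value
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed input: the cookie pair sent by the curl request above.
        String pair = "EXAMPLECOOKIE=\"example \\\"cookie\\\" value\"";
        System.out.println("naive        = " + naiveValue(pair));
        System.out.println("escape-aware = " + escapeAwareValue(pair));
    }
}
```

Application code that validates or compares a cookie sees only the truncated value, so tests for an EAP 6.x to 7.x migration should include quoted cookie values with escaped quotes.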

Resolution

This is a bug in JBoss EAP 7. The following JIRAs have been raised to improve request cookie handling in future releases (tentatively EAP 7.2.1 or later):
