diff --git a/src/fr/devinsy/kiss4web/CookieHelper.java b/src/fr/devinsy/kiss4web/CookieHelper.java index 23559f2..24b5269 100644 --- a/src/fr/devinsy/kiss4web/CookieHelper.java +++ b/src/fr/devinsy/kiss4web/CookieHelper.java @@ -1,5 +1,7 @@ package fr.devinsy.kiss4web; +import java.io.UnsupportedEncodingException; + import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -33,28 +35,36 @@ public class CookieHelper } /** - * + * Warning: value is UTF-8 URLEncoded! */ static public Cookie buildCookie(final String name, final String value, final int duration, final Scope secure) { Cookie result; // - result = new Cookie(name, value); - result.setMaxAge(duration); - result.setPath("/"); + try + { + result = new Cookie(name, java.net.URLEncoder.encode(value, "UTF-8")); + result.setMaxAge(duration); + result.setPath("/"); - // - boolean secureValue; - if (secure == Scope.HTTPS_ONLY) - { - secureValue = true; + // + boolean secureValue; + if (secure == Scope.HTTPS_ONLY) + { + secureValue = true; + } + else + { + secureValue = false; + } + result.setSecure(secureValue); } - else + catch (UnsupportedEncodingException exception) { - secureValue = false; + exception.printStackTrace(); + throw new IllegalArgumentException("value is unsupported encoding."); } - result.setSecure(secureValue); // return (result); @@ -135,21 +145,29 @@ public class CookieHelper } /** - * + * Note: value is UTF-8 decoded. */ static public Object getCookieValue(final Cookie[] cookies, final String key) { Object result; - Cookie cookie = getCookie(cookies, key); + try + { + Cookie cookie = getCookie(cookies, key); - if (cookie == null) - { - result = null; + if (cookie == null) + { + result = null; + } + else + { + result = java.net.URLDecoder.decode(cookie.getValue(), "UTF-8"); + } } - else + catch (UnsupportedEncodingException exception) { - result = cookie.getValue(); + exception.printStackTrace(); + throw new IllegalArgumentException(); } //