From 524c5b1fa62771dfe54ba6c5ddcc18e5ca2db9da Mon Sep 17 00:00:00 2001
From: "Christian P. MOMON" <christian.momon@devinsy.fr>
Date: Tue, 3 Dec 2013 17:02:11 +0100
Subject: [PATCH] Fix bug with cookie value which need to be encoded/decoded.

---
 src/fr/devinsy/kiss4web/CookieHelper.java | 56 +++++++++++++++--------
 1 file changed, 37 insertions(+), 19 deletions(-)

diff --git a/src/fr/devinsy/kiss4web/CookieHelper.java b/src/fr/devinsy/kiss4web/CookieHelper.java
index 23559f2..24b5269 100644
--- a/src/fr/devinsy/kiss4web/CookieHelper.java
+++ b/src/fr/devinsy/kiss4web/CookieHelper.java
@@ -1,5 +1,7 @@
 package fr.devinsy.kiss4web;
 
+import java.io.UnsupportedEncodingException;
+
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -33,28 +35,36 @@ public class CookieHelper
 	}
 
 	/**
-	 *
+	 * Warning: value is UTF-8 URLEncoded!
 	 */
 	static public Cookie buildCookie(final String name, final String value, final int duration, final Scope secure)
 	{
 		Cookie result;
 
 		//
-		result = new Cookie(name, value);
-		result.setMaxAge(duration);
-		result.setPath("/");
+		try
+		{
+			result = new Cookie(name, java.net.URLEncoder.encode(value, "UTF-8"));
+			result.setMaxAge(duration);
+			result.setPath("/");
 
-		//
-		boolean secureValue;
-		if (secure == Scope.HTTPS_ONLY)
-		{
-			secureValue = true;
+			//
+			boolean secureValue;
+			if (secure == Scope.HTTPS_ONLY)
+			{
+				secureValue = true;
+			}
+			else
+			{
+				secureValue = false;
+			}
+			result.setSecure(secureValue);
 		}
-		else
+		catch (UnsupportedEncodingException exception)
 		{
-			secureValue = false;
+			exception.printStackTrace();
+			throw new IllegalArgumentException("value is unsupported encoding.");
 		}
-		result.setSecure(secureValue);
 
 		//
 		return (result);
@@ -135,21 +145,29 @@ public class CookieHelper
 	}
 
 	/**
-	 *
+	 * Note: value is UTF-8 decoded.
 	 */
 	static public Object getCookieValue(final Cookie[] cookies, final String key)
 	{
 		Object result;
 
-		Cookie cookie = getCookie(cookies, key);
+		try
+		{
+			Cookie cookie = getCookie(cookies, key);
 
-		if (cookie == null)
-		{
-			result = null;
+			if (cookie == null)
+			{
+				result = null;
+			}
+			else
+			{
+				result = java.net.URLDecoder.decode(cookie.getValue(), "UTF-8");
+			}
 		}
-		else
+		catch (UnsupportedEncodingException exception)
 		{
-			result = cookie.getValue();
+			exception.printStackTrace();
+			throw new IllegalArgumentException();
 		}
 
 		//