cookie store/retrieve base64 equals sign
Brought to you by:
chris_schultz,
maxcooper
Menu
▾
▴
Theres a problem with the remember me functionality… it is based on BASE64 encoding storing this value in a cookie, but base64 encoded text can contain equals signs which cannot be stored and retrieved in cookies. Adding some logic to search replace equals signs with some other char before storage in the cookie is a work around. Suggest changing it to use some other type of encoding before storing in a cookie as suggested here http://stackoverflow.com/questions/1693174/jboss-5-truncates-trailing-of-a-base64-cookie-string
Equals signs can certainly be stored in cookies, they just have to be properly-quoted. The easiest thing to do is use a V1 cookie.
You can patch the sf trunk code (or even release code) by adding:
usernameCookie.setVersion(1);
and
passwordCookie.setVersion(1);
to the DefaultPersistentLoginManager.rememberLogin method.
I'll look at patching trunk in a similar way.