Page History

Invalid syntax will result in a user-data log entry and cookies being dropped rather than throwing of an IAE. Application impact is that requests with an invalid Cookie header will now be dispatched to the application. "Dropping a cookie" means an invalid cookie will not appear in the list returned by [HttpServletRequest]#getCookiesHttpServletRequest#getCookies(). An application will still be able to access the original Cookie header and may perform its own parsing.

Stop modifying the header in-situ as part of the de-escaping process so that an application can elect to perform its own parsing by calling getHeader("Cookie"). Eliminate the need for the PRESERVE_COOKIE_HEADER property that currently controls whether a copy of the header is made if modifications are needed. Perform de-escaping during the copy needed to convert the [MessageBytes] to the String in Cookie#value, possibly during any conversation process needed to handle UTF-8.