An invalid domain [.xxx.com] was specified for this cookie異常解決

在項目中須要向瀏覽器寫cookie，使用的是tomcat8.5，在寫cookie的時候設置了一級域名 如： .xxx.com , 可是在寫cookie的時候，拋出了異常:

An invalid domain [.xxx.com] was specified for this cookie

經查這種域名設置是cookie 版本0的遺留格式

在tomcat8.5上是使用org.apache.tomcat.util.http.Rfc6265CookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

This cookie processor is based on RFC6265 with the following changes to support better interoperability:

Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML 5.
For cookies without a value, the '=' is not required after the name as some browsers do not sent it.
The RFC 6265 cookie processor is generally more lenient than the legacy cookie parser. In particular:

The '=' and '/' characters are always permitted in a cookie value.
Name only cookies are always permitted.
The cookie header is always preserved.
No additional attributes are supported by the RFC 6265 Cookie Processor.

文檔地址

在tomcat8.0及如下使用的是org.apache.tomcat.util.http.LegacyCookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.LegacyCookieProcessor. Note that it is anticipated that this will change to org.apache.tomcat.util.http.Rfc6265CookieProcessor in a future Tomcat 8 release.

This is the legacy cookie parser based on RFC6265, RFC2109 and RFC2616. It implements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.

文檔地址

問題就能夠定位在CookieProcessor不一樣實現引發的。

解決辦法：

1. 針對於單獨使用Tomcat的用戶，修改tomcat的配置文件，設置tomcat使用LegacyCookieProcessor 來處理：

    修改tomcat的conf/context.xml 文件，在<Context></Context>中間加上：

    <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" /> 

以下：

<Context>

    <!-- Default set of monitored resources. If one of these changes, the    -->
    <!-- web application will be reloaded.                                   -->
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>

	<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" /> 
    <!-- Uncomment this to disable session persistence across Tomcat restarts -->
    <!--
    <Manager pathname="" />
    -->
</Context>

而後重啓tomcat便可。

2. 若是使用的是springboot，則須要使用代碼進行配置：
 

/**
 * 解決cookie根域名設置問題
 * @author Declan
 */
@Configuration
public class CookieConfig {
    /**
     * 解決問題：
     * There was an unexpected error (type=Internal Server Error, status=500).
     * An invalid domain [.xxx.com] was specified for this cookie
     *
     * @return
     */
    @Bean
    public WebServerFactoryCustomizer<TomcatServletWebServerFactory> cookieProcessorCustomizer() {
        return (factory) -> factory.addContextCustomizers(
                (context) -> context.setCookieProcessor(new LegacyCookieProcessor()));
    }
}

還有一種解決辦法，就是在Tomcat8.5之後的版本，在配置域名的時候，不要在域名前加 "."， 配置以下：
 

ck.setDomain("xxx.com")

在tomcat8.5之前的版本，在域名前加 "." ， 配置以下：

ck.setDomain(".xxx.com")