On Mon, Dec 28, 2009 at 11:32:52AM +0100, Marc Lehmann wrote: > On Mon, Dec 28, 2009 at 11:09:23AM +0100, Mike Hommey <[email protected]> > wrote: > > > So evidence at the moment clearly points to the *existing* situation > > > breaking stuff, with no evidence to the fix breaking stuff. > > > > Have you tried to send escaped cookies to the google servers ? > > After I pointed out in my previous mail that google *servers* are not > even involved in the bug or the example given, could you explain the > significance of this question first? It seems to me that there is some > deep misunderstanding and confusion regarding *servers* vs. *cookies*. > > Besides, I doubt that google servers would be unable to accept properly > formatted cookies sent by other browsers, but you never know, of course. > > In any case, the bugreport is pretty clear, the bug is pretty obvious, and > if there is anything in the report is unclear I will happily clarify it.
Let me make things clear: if we ever change the way the Cookies are sent to the servers, this will matter to those servers that do set cookies with unquoted =. And google servers are such servers. So if escaping cookies is going to break interaction with google servers, it's definitely a stopper. Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

