Luke Plant added the comment:
I'm a core developer on Django, and I've looked into cookies a lot, and also
Python's SimpleCookie, and I've found that all accepted RFCs are completely
irrelevant for this issue.
No accepted RFC was ever widely implemented - instead
Luke Plant added the comment:
David,
Thanks again for the time on this. Can I push to get the patches included, or
is there work that still needs to be done on the patches now that the idea is
accepted in principle? I did experiment with a few approaches to implement, and
it seemed like the
Luke Plant added the comment:
@ David Murray:
Thanks for taking the time to look at this - can I trouble you to keep going
and read my response?
Thanks.
You wrote:
> IMO the thing that needs to be fixed here is that receiving an invalid cookie
> makes it difficult to receive the
Luke Plant added the comment:
I had a quick look, and there are these relevant bits:
<< There are two audiences for this specification: developers of
cookie-generating servers and developers of cookie-consuming user agents. >>
And:
<< To maximize interoperability with us
Changes by Luke Plant :
Removed file: http://bugs.python.org/file22514/issue2193_patch_python27.diff
___
Python tracker
<http://bugs.python.org/issue2193>
___
___
Pytho
Changes by Luke Plant :
Removed file: http://bugs.python.org/file22513/issue2193_patch_trunk.diff
___
Python tracker
<http://bugs.python.org/issue2193>
___
___
Python-bug
Luke Plant added the comment:
Same against Python 2.7
--
Added file: http://bugs.python.org/file22516/issue2193_patch_2_python27.diff
___
Python tracker
<http://bugs.python.org/issue2
Luke Plant added the comment:
Found a bug with patch - this supersedes old one.
--
Added file: http://bugs.python.org/file22515/issue2193_patch_2_trunk.diff
___
Python tracker
<http://bugs.python.org/issue2
Luke Plant added the comment:
Same patch backported to python 2.7 branch
--
Added file: http://bugs.python.org/file22514/issue2193_patch_python27.diff
___
Python tracker
<http://bugs.python.org/issue2
Luke Plant added the comment:
First, I agree with others who say that RFCs are basically irrelevant for
cookies. For Django we've discovered this in various ways e.g. issue 9824 -
http://bugs.python.org/issue9824 - which has now been applied. We have also had
to work around the s
New submission from Luke Plant :
Docs for SimpleCookie, BaseCookie.value_encode and BaseCookie.value_decode are
obviously incorrect. Attempt at patch attached.
The error has existed in every Python version I've seen, I've tagged the ones I
believe can receive fixes, sorry if I
Luke Plant added the comment:
I forgot to mention backwards compatibility:
In the context of Cookie being used in a web application, if developers were
relying on literal commas and semi-colons being present in the client side
cookie value (e.g. in javascript), the patch will introduce an
New submission from Luke Plant :
In developing Django, we found that some browsers don't treat commas and
semi-colons in cookie values (i.e. the Set-Cookie header) the way that RFC 2109
says they should. (Safari splits the header on a comma followed by space,
Internet Explorer splits on
13 matches
Mail list logo
