On Friday 23 July 2010 19:21:16 Michelle Konzack wrote: > ..but it MUST not be quoted, otherwise it is a misinterpretation of the > server reading the cookies. The first equal-sign (=) is the seperator. > > There is nothing in the specification which require QUOTES.
I had a quick look at rfc 2109, and I couldn't find a place where it says "it MUST not be quoted". Where did you get that information? It does say in section 4.1 that cookies value syntax is: token | quoted-string But in the example section 5.1, the quotes are not stripped! My problem is when the value is a quoted-string. > Question: Which ERRORS do you have and which server and > other software are you using on the server side? I encoutered that problem with my bank website. https://www.coopanet.com/banque/sso/co/connexion.do I have no idea what software they are using, and obvisouly I'll not post my login/password here. The error is that I cannot login. Maybe the way they analyze the cookie value, and their quotes, is not in the best practices, but I will not contact them about that, while other http clients work fine. I spent a full day pinpointing the error to the missing quotes. Believe me, this is what causes the problem. > Sending a bugreport du to missing quotes is worthless, if you can not > provide any error messages du to the missing quotes. Allow me to disagree with you. I tried curl and iceweasel, and both works ok with that website. And they do not remove the quotes when there are some. It would have save me some time if I had known about that earlier. If, as you suggest, "there is nothing in the specification which require quotes", why not store it as the first character of the value? I guess that's what other http clients do. Peace -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org