[
https://issues.apache.org/jira/browse/HTTPCLIENT-1006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15798093#comment-15798093
]
Oleg Kalnichevski commented on HTTPCLIENT-1006:
-----------------------------------------------
Julian,
Roy T. Fielding may come forth in person and solemnly swear on health of his
mother-in-law that this is what the spec meant to say. This will not change the
fact that the spec says something else. The _real_ problem is that this
requirement is confusing not because it has not been articulated well enough
but because it makes little sense to start with.
Why would anyone in their sane mind allow enclosing quotes but disallow
whitespace, comma and backslash characters (precisely those things sane people
would use quotes with)? This is truly beyond me. Large areas of the spec seem
more concerned with producing rainbow farting unicorns and making everyone
friends than defining _simple_, _concise_ and logically _coherent_ rules.
Yes, given all that I would prefer to wait for a superseding RFC or at least
errata that clarifies the use of character escaping rules defined by the HTTP
spec (RFC 7230, section 3.2.6).
Oleg
> BrowserCompatSpec: don't trim " around cookie value
> ---------------------------------------------------
>
> Key: HTTPCLIENT-1006
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1006
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (classic)
> Affects Versions: 4.0.2
> Reporter: Marc Guillemot
>
> If the server sends a cookie header like:
> Set-Cookie: first="hello world"
> then HttpClient parses it as cookie with value >hello world<, wrongly
> removing the leading and trailing quotes. The incorrect quote removal occurs
> in BasicHeaderValueParser.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
