Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The "Cookies" page has been changed by jboynes: https://wiki.apache.org/tomcat/Cookies?action=diff&rev1=13&rev2=14 == Generating the Set-Cookie header by Tomcat == - TODO: Need to define behaviour for each of the issues above. + === Requirements as defined by the specifications === + ||'''Requirement'''||'''Servlet'''||'''Netscape'''||'''RFC2109'''||'''RFC6265'''|| + ||Format of name||Must conform to RFC2109. Vendors may provide option to allow Netscape format||A sequence of characters excluding semi-colon, comma and white space. Browsers generally stop at first equals,||token||token|| + ||Format of value||The value can be anything the server chooses to send. With Version 0 cookies, values should not contain white space, brackets, parentheses, equals signs, commas, double quotes, slashes, question marks, at signs, colons, and semicolons. Empty values may not behave the same way on all browsers.||This string is a sequence of characters excluding semi-colon, comma and white space.||token | quoted-string||cookie-value|| + ||Domain||String, per RFC2109||domain=DOMAIN_NAME||"Domain" "=" value||"Domain=" domain-value|| + ||Path||String, per RFC2109||path=PATH||"Path" "=" value||"Path=" path-value|| + ||Secure||boolean||secure||"Secure"||"Secure"|| + ||HttpOnly||boolean||N/A||N/A||"HttpOnly"|| + ||Expires||N/A||expires=DATE as "Wdy, DD-Mon-YYYY HH:MM:SS GMT"||N/A||"Expires=" sane-cookie-date|| + ||Max-Age||int in seconds||N/A||"Max-Age" "=" value||"Max-Age=" non-zero-digit *DIGIT|| + ||Comment||String||N/A||"Comment" "=" value||allowed by extension|| + ||Version||int (0 or 1)||N/A||"Version" "=" 1*DIGIT||allowed by extension|| + ||Extension||N/A||N/A||N/A||any CHAR except CTLs or ";"|| + + === Current Implementation === + TODO: write up + === Proposed Implementation === + TBD + + == RFC2616 definitions == + {{{ + token = 1*<any CHAR except CTLs or separators> + separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <"> | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT + CHAR = <any US-ASCII character (octets 0 - 127)> + CTL = <any US-ASCII control character (octets 0 - 31) and DEL (127)> + quoted-string = ( <"> *(qdtext | quoted-pair ) <"> ) + qdtext = <any TEXT except <">> + quoted-pair = "\" CHAR + TEXT = <any OCTET except CTLs, but including LWS> + rfc1123-date = wkday "," SP date1 SP time SP "GMT" + }}} + == RFC6265 definitions == + {{{ + cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE ) + cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E + domain-value = <subdomain> ; defined in [RFC1034], Section 3.5, as enhanced by [RFC1123], Section 2.1 + path-value = <any CHAR except CTLs or ";"> + sane-cookie-date = <rfc1123-date, defined in [RFC2616], Section 3.3.1> + }}} == References == 1. [[http://www.ietf.org/mail-archive/web/http-state/current/msg01232.html|RFC6265 discussion on 0x80-0xFF]] --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
