#32191: Not RFC Compliant Cookie handling
----------------------------------+--------------------------------------
Reporter: Nico Giefing | Owner: nobody
Type: Bug | Status: closed
Component: HTTP handling | Version: 3.1
Severity: Normal | Resolution: wontfix
Keywords: Cookie malformed | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
----------------------------------+--------------------------------------
Changes (by Mariusz Felisiak):
* status: new => closed
* resolution: => wontfix
Comment:
Django uses Python's [https://docs.python.org/3/library/http.cookies.html
http.cookies.SimpleCookie] class, and as far as I'm aware we don't escape
any characters in Django. It looks that it has already been reported in
[https://bugs.python.org/ Python bug tracker], see
https://bugs.python.org/issue19670.
I don't think that we should switch to `BaseCookie`. You can start a
discussion on DevelopersMailingList if you don't agree.
--
Ticket URL: <https://code.djangoproject.com/ticket/32191#comment:4>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/063.dbe00031d23db285a5603483423fd371%40djangoproject.com.
