#7183: sessionid broken by jsession
---------------------------------------------+------------------------------
Reporter: mbeattie | Owner: nobody
Status: reopened | Milestone: post-1.0
Component: HTTP handling | Version: SVN
Resolution: | Keywords: wsgi session
Stage: Design decision needed | Has_patch: 1
Needs_docs: 0 | Needs_tests: 1
Needs_better_patch: 1 |
---------------------------------------------+------------------------------
Changes (by mir):
* needs_better_patch: 0 => 1
* stage: Accepted => Design decision needed
* needs_tests: 0 => 1
* milestone: => post-1.0
Comment:
Thanks for digging this up!
According to rfcs 2965 and 2616, the cookie name is a {{{token}}} and
cannot contain colons. This is why the standard python Cookie library does
not accept cookie names with a colon in them, and it barfs if you feed it
a http header line with an illegal cookie.
It might make still sense to treat this better, so I put this into the
stage "Design decision needed" to let the core developers decide.
The patch is not very useful because it assumes a given session cookie
name and is a bit naive.
--
Ticket URL: <http://code.djangoproject.com/ticket/7183#comment:5>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
