Andres Riancho <[EMAIL PROTECTED]> added the comment:
Sorry to bother you guys after so much time, but I think that there is
at least one bit of the RFC that isn't respected by this "name=value"
thing... If we look at the RFC we'll see this:
cookie-av = "Comment" "=" value
| "Domain" "=" value
| "Max-Age" "=" value
| "Path" "=" value
| "Secure"
| "Version" "=" 1*DIGIT
As you may have noticed, "Secure" doesn't have any values. Also, (but
out of the RFC) there is a commonly used cookie flag named "HttpOnly"
[0], which would be nice to correctly parse also.
Should _CookiePattern be modified to address this issue?
[0] http://www.owasp.org/index.php/HTTPOnly
----------
nosy: +andresriancho
_______________________________________
Python tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1028088>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
