On 2/1/08, Mislav Marohnić <[EMAIL PROTECTED]> wrote:
> Bitsweat, in his Ruby 1.9 compat frenzy (awesome work, BTW), made this
> change to CGI::Cookie:
> http://dev.rubyonrails.org/changeset/8405
>
> A comma has been added to raw_cookie.split delimiter. Why? Cookies not set
> from Rails with values like "foo,bar" won't work anymore, only "foo" will be
> preserved. Are we supposed to encode the comma in cookies when saving them
> in JavaScript from now on?
>
> In other words (in JavaScript):
>
> document.cookie = "expanded_rows=3,5,7; path=/admin";
>
> this cookie won't get properly parsed server-side (only "3" will be
> preserved). Now we have to:
>
> document.cookie = "expanded_rows=" + encodeURIComponent("3,5,7") + ";
> path=/admin";
>
> I noticed this broke in Radiant (and took an hour to track down), so I
> wondered why is this Ruby 1.9 compat. Thanks
It isn't for compatibility: we forked Ruby's cookie parsing years ago
and I imported the intervening changes.
According to RFC 2109, commas aren't allowed in the cookie value and
should be encoded. Nor may they contain ()<>@;:\"/[]?={} or space or
tab.
However, splitting on comma is just a 'should' so I'll revert.
Best,
jeremy
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Core" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-core?hl=en
-~----------~----~----~----~------~----~------~--~---
