Thanks for the explanation. We're updating Radiant CMS to Rails 2.0 and, because the framework is already frozen in the project, I have simply updated its javascript to do encoding of values.
Still, maybe the revert should be backported to stable. I can't estimate how many people out there are writing comma-delimited values via javascripts, but whoever did it's broken if they update to Rails 2.0.2. 2008/2/2 Jeremy Kemper <[EMAIL PROTECTED]>: > On 2/1/08, Mislav Marohnić <[EMAIL PROTECTED]> wrote: > > Bitsweat, in his Ruby 1.9 compat frenzy (awesome work, BTW), made this > > change to CGI::Cookie: > > http://dev.rubyonrails.org/changeset/8405 > > > > A comma has been added to raw_cookie.split delimiter. Why? Cookies not > set > > from Rails with values like "foo,bar" won't work anymore, only "foo" > will be > > preserved. Are we supposed to encode the comma in cookies when saving > them > > in JavaScript from now on? > > > > In other words (in JavaScript): > > > > document.cookie = "expanded_rows=3,5,7; path=/admin"; > > > > this cookie won't get properly parsed server-side (only "3" will be > > preserved). Now we have to: > > > > document.cookie = "expanded_rows=" + encodeURIComponent("3,5,7") + "; > > path=/admin"; > > > > I noticed this broke in Radiant (and took an hour to track down), so I > > wondered why is this Ruby 1.9 compat. Thanks > > It isn't for compatibility: we forked Ruby's cookie parsing years ago > and I imported the intervening changes. > > According to RFC 2109, commas aren't allowed in the cookie value and > should be encoded. Nor may they contain ()<>@;:\"/[]?={} or space or > tab. > > However, splitting on comma is just a 'should' so I'll revert. > > Best, > jeremy > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
