Luke Plant added the comment:
I'm a core developer on Django, and I've looked into cookies a lot, and also
Python's SimpleCookie, and I've found that all accepted RFCs are completely
irrelevant for this issue.
No accepted RFC was ever widely implemented - instead browsers mainly did
Luke Plant l.plant...@cantab.net added the comment:
David,
Thanks again for the time on this. Can I push to get the patches included, or
is there work that still needs to be done on the patches now that the idea is
accepted in principle? I did experiment with a few approaches to implement
Luke Plant l.plant...@cantab.net added the comment:
First, I agree with others who say that RFCs are basically irrelevant for
cookies. For Django we've discovered this in various ways e.g. issue 9824 -
http://bugs.python.org/issue9824 - which has now been applied. We have also had
to work
Luke Plant l.plant...@cantab.net added the comment:
Same patch backported to python 2.7 branch
--
Added file: http://bugs.python.org/file22514/issue2193_patch_python27.diff
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2193
Luke Plant l.plant...@cantab.net added the comment:
Found a bug with patch - this supersedes old one.
--
Added file: http://bugs.python.org/file22515/issue2193_patch_2_trunk.diff
___
Python tracker rep...@bugs.python.org
http://bugs.python.org
Luke Plant l.plant...@cantab.net added the comment:
Same against Python 2.7
--
Added file: http://bugs.python.org/file22516/issue2193_patch_2_python27.diff
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2193
Changes by Luke Plant l.plant...@cantab.net:
Removed file: http://bugs.python.org/file22513/issue2193_patch_trunk.diff
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2193
Changes by Luke Plant l.plant...@cantab.net:
Removed file: http://bugs.python.org/file22514/issue2193_patch_python27.diff
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2193
Luke Plant l.plant...@cantab.net added the comment:
I had a quick look, and there are these relevant bits:
There are two audiences for this specification: developers of
cookie-generating servers and developers of cookie-consuming user agents.
And:
To maximize interoperability with user
Luke Plant l.plant...@cantab.net added the comment:
@ David Murray:
Thanks for taking the time to look at this - can I trouble you to keep going
and read my response?
Thanks.
You wrote:
IMO the thing that needs to be fixed here is that receiving an invalid cookie
makes it difficult
New submission from Luke Plant l.plant...@cantab.net:
Docs for SimpleCookie, BaseCookie.value_encode and BaseCookie.value_decode are
obviously incorrect. Attempt at patch attached.
The error has existed in every Python version I've seen, I've tagged the ones I
believe can receive fixes
New submission from Luke Plant l.plant...@cantab.net:
In developing Django, we found that some browsers don't treat commas and
semi-colons in cookie values (i.e. the Set-Cookie header) the way that RFC 2109
says they should. (Safari splits the header on a comma followed by space,
Internet
Luke Plant l.plant...@cantab.net added the comment:
I forgot to mention backwards compatibility:
In the context of Cookie being used in a web application, if developers were
relying on literal commas and semi-colons being present in the client side
cookie value (e.g. in javascript), the patch
13 matches
Mail list logo
