Oscar Figueiredo wrote at 2005-6-13 19:38 +0200:
>I wonder why ZPublisher/HTTPResponse.py adds double quotes to cookie values
>when creating the Set-Cookie HTTP header (see function _cookie_list) ?
>Browsers (Firefox at least) seem to consider these quotes as part of the value
>which can be problematic.

A cookie value must not contain some characters -- unless it is quoted.
Therefore, Zope quotes the values (to avoid problems when you forgot
to quote yourself).

HTTP clients should not interprete the cookie value but handle
it as an opaque item.

This means a client should not have a problem with a quoted value.

> ...
>Should I submit a patch to the maintainers ?

I expect your acceptance chances as small...

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to