Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.

From:	Eli Zaretskii
Subject:	Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Date:	Fri, 09 Sep 2016 22:49:07 +0300

> From: Alain Schneble <address@hidden>
> CC: <address@hidden>, <address@hidden>, <address@hidden>,
>       <address@hidden>
> Date: Fri, 9 Sep 2016 21:47:23 +0200
> 
> > That's not the issue.  The issue is whether a cookie-value can
> > legitimately have non-ASCII characters.  If it can, then we must
> > _encode_ the cookie-value, as that is the only correct way of getting
> > a unibyte string from non-ASCII characters.  And you pointed to an RFC
> > that seems to say non-ASCII characters in cookies are possible.
> 
> Yes true, but I thought that maybe fixing this as described could be a
> viable non-invasive alternative for the upcoming 25.1 release.

It wouldn't be safe if cookies could include non-ASCII characters.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., (continued)
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Lars Ingebrigtsen, 2016/09/07

Prev by Date: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Next by Date: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Previous by thread: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Next by thread: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Index(es):
- Date
- Thread