[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [help-cgicc] + in cookie value?
From: |
Stephen F. Booth |
Subject: |
RE: [help-cgicc] + in cookie value? |
Date: |
Wed, 4 Sep 2002 10:51:42 -0400 |
I was looking over RFC 2109 at http://www.ietf.org/rfc/rfc2109.txt and I
believe (but am not sure) that special characters do NOT need to be
escaped out:
NAME=VALUE
Required. The name of the state information ("cookie") is NAME,
and its value is VALUE. NAMEs that begin with $ are reserved for
other uses and must not be used by applications.
The VALUE is opaque to the user agent and may be anything the
origin server chooses to send, possibly in a server-selected
printable ASCII encoding. "Opaque" implies that the content is of
interest and relevance only to the origin server. The content
may, in fact, be readable by anyone that examines the Set-Cookie
header.
The bug you allude to is is CgiEnvironment.cpp:parseCookie()- I will fix
it.
Thanks!
> -----Original Message-----
> From: address@hidden [mailto:address@hidden On
Behalf
> Of Dr Andreas F Muller
> Sent: Tuesday, September 03, 2002 6:56 PM
> To: address@hidden
> Subject: [help-cgicc] + in cookie value?
>
> Hello,
>
> I've written a CGI programm that creates a cookie with a + in the
> value. When the browser sends the next request, I still see the +
> in the CGI environment (I always write the environment to a file,
> so I can easily check that). But when I fetch the HTTPCookie from
> getCookieList(), and look at the value, the + have been converted
> into blanks. I don't really know whether + in cookie values
> should be escaped, but that is not the problem here. The problem
> is that a cookie set with cgicc should retain the same value when
> retrieved with cgicc. If the getValue method finds fit to replace
> + by blank, then the setValue method should escape the +. But I
> believe the right way is that getValue should not replace + by
> blank in the first place.
>
> Mit herzlichem Gruss
>
> Andreas Mueller
>
> ------------------------------------------------------------
> Dr. Andreas Mueller Beratung und Entwicklung
> Bubental 53, CH - 8852 Altendorf <address@hidden>
> Voice: +41 55 462 1483 Fax/Data: +41 55 462 1485
> ------------------------------------------------------------
>
>
>
> _______________________________________________
> help-cgicc mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/help-cgicc