help-cgicc
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [help-cgicc] + in cookie value?

From: Stephen F. Booth
Subject: RE: [help-cgicc] + in cookie value?
Date: Wed, 4 Sep 2002 10:51:42 -0400 
I was looking over RFC 2109 at http://www.ietf.org/rfc/rfc2109.txt and I
believe (but am not sure) that special characters do NOT need to be
escaped out:

NAME=VALUE
      Required.  The name of the state information ("cookie") is NAME,
      and its value is VALUE.  NAMEs that begin with $ are reserved for
      other uses and must not be used by applications.

      The VALUE is opaque to the user agent and may be anything the
      origin server chooses to send, possibly in a server-selected
      printable ASCII encoding.  "Opaque" implies that the content is of
      interest and relevance only to the origin server.  The content
      may, in fact, be readable by anyone that examines the Set-Cookie
      header.

The bug you allude to is is CgiEnvironment.cpp:parseCookie()- I will fix
it.

Thanks!

> -----Original Message-----
> From: address@hidden [mailto:address@hidden On
Behalf
> Of Dr Andreas F Muller
> Sent: Tuesday, September 03, 2002 6:56 PM
> To: address@hidden
> Subject: [help-cgicc] + in cookie value?
> 
> Hello,
> 
> I've written a CGI programm that creates a cookie with a + in the
> value. When the browser sends the next request, I still see the +
> in the CGI environment (I always write the environment to a file,
> so I can easily check that). But when I fetch the HTTPCookie from
> getCookieList(), and look at the value, the + have been converted
> into  blanks.  I  don't  really  know  whether + in cookie values
> should be escaped, but that is not the problem here. The  problem
> is that a cookie set with cgicc should retain the same value when
> retrieved with cgicc. If the getValue method finds fit to replace
> +  by  blank, then the setValue method should escape the +. But I
> believe the right way is that getValue should not  replace  +  by
> blank in the first place.
> 
> Mit herzlichem Gruss
> 
>                                         Andreas Mueller
> 
> ------------------------------------------------------------
> Dr. Andreas Mueller                 Beratung und Entwicklung
> Bubental 53, CH - 8852 Altendorf            <address@hidden>
> Voice: +41 55 462 1483             Fax/Data: +41 55 462 1485
> ------------------------------------------------------------
> 
> 
> 
> _______________________________________________
> help-cgicc mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/help-cgicc
reply via email to
[Prev in Thread] Current Thread [Next in Thread]