diff -r 1bb9641713ec Lib/http/cookiejar.py
--- a/Lib/http/cookiejar.py Wed Feb 25 16:47:20 2015 -0500
+++ b/Lib/http/cookiejar.py Fri Feb 27 08:31:38 2015 -0800
@@ -474,7 +474,13 @@
 version_set = False
 for ii, param in enumerate(re.split(r";\s*", ns_header)):
 param = param.rstrip()
- if param == "": continue
+ if param == "":
+ # RFC 6265, Section 5.2:
+ # If the name string is empty, ignore the set-cookie-string
+ # entirely. (The 0th element is the name string)
+ if ii == 0:
+ break
+ continue
 if "=" not in param:
 k, v = param, None
 else:
diff -r 1bb9641713ec Lib/test/test_http_cookiejar.py
--- a/Lib/test/test_http_cookiejar.py Wed Feb 25 16:47:20 2015 -0500
+++ b/Lib/test/test_http_cookiejar.py Fri Feb 27 08:31:38 2015 -0800
@@ -1092,6 +1092,8 @@
 c.extract_cookies(r, req)
 return c

+ future = time2netscape(time.time()+3600)
+
 # none of these bad headers should cause an exception to be raised
 for headers in [
 ["Set-Cookie: "], # actually, nothing wrong with this
@@ -1102,6 +1104,8 @@
 ["Set-Cookie: b=foo; max-age=oops"],
 # bad version
 ["Set-Cookie: b=foo; version=spam"],
+ # missing name (issue 23138)
+ ["Set-Cookie:; Expires=%s" % future],
 ]:
 c = cookiejar_from_cookie_headers(headers)
 # these bad cookies shouldn't be set
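Review bot: The new `if ii == 0: break` guard in the `@@ -474,7 +474,13 @@` hunk fires only when the whole first segment is empty, so a first segment with an empty name but a value (a constructed case: `=foo`) still reaches the `else:` branch. Unless code after the hunk rejects an empty `k`, that header would be kept as a cookie with an empty name. RFC 6265 section 5.2, which the comment cites, takes the name string from the part before the first `=`, so the 0th element is the name-value pair and the comment should read `# (the 0th element is the name-value pair)`. Consider also checking the parsed name once `k` is assigned, e.g. `if ii == 0 and not k: break`, and adding `["Set-Cookie: =foo"]` to the bad-header list in the test hunk at `@@ -1102,6 +1104,8 @@`. The loop body continues outside the hunk, so the handling of `k` after the split is inferred rather than visible.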