This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author BM
Recipients BM, BreamoreBoy, aclover, akuchling, carsten.klein, carsten.klein@axn-software.de, dstanek, georg.brandl, jerry.seutter, jjlee, karlcow, r.david.murray, tim.peters
Date 2011-04-04.21:30:04
SpamBayes Score 1.784256e-11
Marked as misclassified No
Message-id <1301952606.25.0.974467264854.issue2193@psf.upfronthosting.co.za>
In-reply-to
Content 
To Carsten Klein:
It would be great if you turn your eyes on and try to read more carefully before posting something here.

----------------------------
NAME=VALUE 
NAME is the cookie’s name, and VALUE is its value. Thus the header Set-Cookie: id=waldo sets a cookie with name id and value waldo. Both the cookie NAME  and its VALUE may be any sequence of characters except semi-colon, comma, or whitespace. 
----------------------------

In the above it says "any sequence of characters" EXCEPT a three characters: 
1. semi-colon
2. comma
3. whitespace

In English this means that "any sequence of characters" INCLUDES a colon and thus colon IS a valid character. BTW, this stupid bug is three years old, while the rest of the world implemented it right (Java, Ruby etc).

Also Python implementation of this part is at least... strange (being polite here). Because instead of excluding illegal chars, they actually going opposite by including the entire world and then going mad in the whole code inside... :-(
History
Date User Action Args
2011-04-04 21:30:06BMsetrecipients: + BM, tim.peters, akuchling, georg.brandl, jjlee, dstanek, jerry.seutter, aclover, r.david.murray, karlcow, BreamoreBoy, carsten.klein@axn-software.de, carsten.klein
2011-04-04 21:30:06BMsetmessageid: <1301952606.25.0.974467264854.issue2193@psf.upfronthosting.co.za>
2011-04-04 21:30:04BMlinkissue2193 messages
2011-04-04 21:30:04BMcreate