Message133057
Guess you are right...
I did overlook the quoted-string reference in the RFC:
av-pair = attr ["=" value] ; optional value
attr = token
value = word
word = token | quoted-string
The actual production rules for quoted-string are not specified, so I guess that anything resembling unicode data would be allowed in that string provided that:
[...] from RFC 2109
10.1.3 Punctuation
In Netscape's original proposal, the values in attribute-value pairs
did not accept "-quoted strings. Origin servers should be cautious
about sending values that require quotes unless they know the
receiving user agent understands them (i.e., "new" cookies). A
("new") user agent should only use quotes around values in Cookie
headers when the cookie's version(s) is (are) all compliant with this
specification or later.
in RFC 2965 there is no such notice...
However, and this is important, the cookie values not matching token must be quoted by the origin server upon setting and the client must return these as quoted strings as well. |
|
Date |
User |
Action |
Args |
2011-04-05 18:02:16 | carsten.klein@axn-software.de | set | recipients:
+ carsten.klein@axn-software.de, tim.peters, akuchling, georg.brandl, jjlee, dstanek, jerry.seutter, BM, aclover, r.david.murray, karlcow, BreamoreBoy, carsten.klein |
2011-04-05 18:02:16 | carsten.klein@axn-software.de | set | messageid: <1302026536.03.0.724135596442.issue2193@psf.upfronthosting.co.za> |
2011-04-05 18:02:14 | carsten.klein@axn-software.de | link | issue2193 messages |
2011-04-05 18:02:14 | carsten.klein@axn-software.de | create | |
|