Author Grzegorz Sikorski
Recipients Grzegorz Sikorski
Date 2016-10-06.15:01:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1475766073.34.0.905667468742.issue28378@psf.upfronthosting.co.za>
In-reply-to
Content
I have a usecase when the server sends two cookies in separate `Set-Cookie` headers. One of the cookie includes a `,` (comma). It seems this is not handled properly, as the library always try to fold multiple headers with the same name into a single comma-separated string. While this is valid for other header fields, `Set-Cookie` should never be folded, as RFC 6265 says:
```
   Origin servers SHOULD NOT fold multiple Set-Cookie header fields into
   a single header field.  The usual mechanism for folding HTTP headers
   fields (i.e., as defined in [RFC2616]) might change the semantics of
   the Set-Cookie header field because the %x2C (",") character is used
   by Set-Cookie in a way that conflicts with such folding.
```
History
Date User Action Args
2016-10-06 15:01:13Grzegorz Sikorskisetrecipients: + Grzegorz Sikorski
2016-10-06 15:01:13Grzegorz Sikorskisetmessageid: <1475766073.34.0.905667468742.issue28378@psf.upfronthosting.co.za>
2016-10-06 15:01:13Grzegorz Sikorskilinkissue28378 messages
2016-10-06 15:01:12Grzegorz Sikorskicreate