Message385430
This patch should really be included.
As carl already mentioned, the relevant spec is RFC 6265, see section 5.4.2: "The user agent SHOULD sort the cookie-list in the following order: Cookies with longer paths are listed before cookies with shorter paths. Among cookies that have equal-length path fields, cookies with earlier creation-times are listed before cookies with later creation-times."
Currently, if the cookies are loaded with cookies.load(env['HTTP_COOKIE']) as most web frameworks do, then the cookies will be populated with the least specific or oldest values if there are duplicates. This is really bad. |
|
Date |
User |
Action |
Args |
2021-01-21 15:12:28 | cito | set | recipients:
+ cito, jjlee, sonderblade, valankar, ajaksu2, karlcow, mmelin |
2021-01-21 15:12:28 | cito | set | messageid: <1611241948.49.0.430154870525.issue1375011@roundup.psfhosted.org> |
2021-01-21 15:12:28 | cito | link | issue1375011 messages |
2021-01-21 15:12:28 | cito | create | |
|