This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author andresriancho
Recipients akuchling, andresriancho, jjlee, sirilyan
Date 2008-10-08.03:08:01
SpamBayes Score 7.38859e-05
Marked as misclassified No
Message-id <1223435284.45.0.175239932546.issue1028088@psf.upfronthosting.co.za>
In-reply-to
Content
Sorry to bother you guys after so much time, but I think that there is
at least one bit of the RFC that isn't respected by this "name=value"
thing... If we look at the RFC we'll see this:

   cookie-av       =       "Comment" "=" value
                   |       "Domain" "=" value
                   |       "Max-Age" "=" value
                   |       "Path" "=" value
                   |       "Secure"
                   |       "Version" "=" 1*DIGIT

As you may have noticed, "Secure" doesn't have any values. Also, (but
out of the RFC) there is a commonly used cookie flag named "HttpOnly"
[0], which would be nice to correctly parse also.

Should _CookiePattern be modified to address this issue? 

[0] http://www.owasp.org/index.php/HTTPOnly
History
Date User Action Args
2008-10-08 03:08:04andresrianchosetrecipients: + andresriancho, akuchling, jjlee, sirilyan
2008-10-08 03:08:04andresrianchosetmessageid: <1223435284.45.0.175239932546.issue1028088@psf.upfronthosting.co.za>
2008-10-08 03:08:03andresriancholinkissue1028088 messages
2008-10-08 03:08:02andresrianchocreate