Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
actually, IE only supports quoting of the value for v0 cookies.
honestly, I wasn't up for the backwards compatible fix, but since it
turns out that most folks use v0 cookies with v1 values, this is an
evil must.
without the below fix, every single JSESSIONID cookie will not work
on IE.
That's not good.
I've looked at this again and the real problem is that maybeQuote2()
may change the cookie version but we only check the return value when
calling maybeQuote2() for the value. We need to check the return value
every time we call maybeQuote2(). I have an alternative patch which
I'll add to the status file.
I don't think that we should change the cookie version simply because
"/" is the path, that doesn't sound right, nor is it required by spec.
I'd rather just do the switch upon values containing funky
characters...if at all, and maybe just follow spec, and not allow the
bad v0 values at all, like the original fix was.
Filip
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
