Aleksandr Guidrevitch wrote: > JUANMARCOSMOREN wrote: > >Aleksandr Guidrevitch wrote: > >>We've found that LWP incorrectly handles cookies > >>containing ';' in the cookie value. > >>The patch (test case and fix) is attached > > > >Could you point me to a web page that is already sending these kind of > >cookies? > >Does it work under MSIE/Mozilla? > > Nope, it is our internal project, not available to outer world. > Both we know that neither mozilla nor msie correctly handle such cookies :((
So, why do you want ';' in cookies if they are not handled correctly by the most used HTTP implementations (MSIE and Mozilla)? > According RFC in **quoted** string you can put almost anything. > See http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2109.html for > definition of cookie: People don't care much about the HTTP RFC what people really want is to be compatible with MSIE and Mozilla. > av-pairs = av-pair *(";" av-pair) > av-pair = attr ["=" value] ; optional value > attr = token > value = word > word = token | quoted-string > > > See http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc2068.html for > definition of quoted-string: > > A string of text is parsed as a single word if it is quoted using > double-quote marks. > quoted-string = ( <"> *(qdtext) <"> ) > qdtext = <any TEXT except <">> > The backslash character ("\") may be used as a single-character quoting > mechanism only within quoted-string and comment constructs. > quoted-pair = "\" CHAR > > So, since the patch doesn't break original libwww behavior (according > to the test suite) > and provides more proper implementation of rfc, it looked to me as a > good candidate > for inclusion into libwww. I think this patch solves nothing and add useless code to the library. It is not a good idea to apply this patch. Juan
