Carsten Klein <carsten.kl...@axn-software.de> added the comment:
Guess you are right...
I did overlook the quoted-string reference in the RFC:
av-pair = attr ["=" value] ; optional value
attr = token
value = word
word = token | quoted-string
The actual production rules for quoted-string are not specified, so I guess
that anything resembling unicode data would be allowed in that string provided
that:
[...] from RFC 2109
10.1.3 Punctuation
In Netscape's original proposal, the values in attribute-value pairs
did not accept "-quoted strings. Origin servers should be cautious
about sending values that require quotes unless they know the
receiving user agent understands them (i.e., "new" cookies). A
("new") user agent should only use quotes around values in Cookie
headers when the cookie's version(s) is (are) all compliant with this
specification or later.
in RFC 2965 there is no such notice...
However, and this is important, the cookie values not matching token must be
quoted by the origin server upon setting and the client must return these as
quoted strings as well.
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue2193>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
