Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
The version switch is activated by a greater set of characters than it
really needs to be. I should be able to modify my patch to only switch
when there are characters in a v1 cookie that will cause problems.
I'll try and look at this tomorrow - it is getting late here ;)
other way around, the check for the characters and the version switch,
should be done on all invalid v0 characters (which maybeQuote2 does).
this should only be done on the value, with that set of characters.
Sorry - it really was late - I meant v0.
I agree that tspecials2 is too wide a range of characters to trigger the
switch but equally I don't think tspecials are sufficient. As a minimum,
'=' also needs to trigger the switch as this will cause parsing problems if
it appears in the value/path/domain. For safety I would like to include
'\\' and '\"' as well but I don't think they are strictly necessary.
Due to the parsing issues, mainly if '=' is present, we should continue to
check domain and path and switch to v1 if required but the much reduced set
of triggers this should be a lot less likely.
I have a better patch but I haven't tested it yet. I should have it ready
to propose later this evening.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
