Re: svn commit: r638442 - /tomcat/tc6.0.x/trunk/STATUS.txt

Tue, 18 Mar 2008 11:15:43 -0700

this wont work either. for the value of the cookie, it must be what it was before. tspecials2. those are the correct characters for the "value" of the cookie, but they are not correct for the "path"
the problem is how browsers work (or not work for that matter). for example, browsers will accept a quoted value for the "value", but not for the "path". 


the safest bet, is to remove the whole version switch, and be spec 
compliant, and let the users make sure they have the correct values.



if we need to pursue the path of auto switching, which I think is not a 
good idea given the problems that come up, then switch on the value 
only. I'd leave the path and domain unescaped and unquoted for v0 
cookies, and don't even try to do anything.


http://svn.apache.org/viewvc?view=rev&revision=634513

Filip


[EMAIL PROTECTED] wrote:

Author: markt
Date: Tue Mar 18 10:04:22 2008
New Revision: 638442

URL: http://svn.apache.org/viewvc?rev=638442&view=rev
Log:
Withdraw previous alternative proposal and replace with an improved patch that 
addresses the concerns raised.

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=638442&r1=638441&r2=638442&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Mar 18 10:04:22 2008
@@ -105,10 +105,11 @@
             elements of the cookie header.
   -1:

 
-* As an alternative to the above patch, I propose:

-  http://people.apache.org/~markt/patches/2008-03-15-cookie-path.patch
-  +1: markt, remm, jfclere
-  -1: maybeQuote2 should not be applied to the path, since / is a valid value 
without quotes
+* As an alternative to the above patch, I propose an improved patch that
+  addresses the concerns with the previous alternative:
+  http://people.apache.org/~markt/patches/2008-03-18-cookie-path.patch
+  +1: markt
+  -1:

 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=44562

   http://svn.apache.org/viewvc?rev=635294&view=rev (prior code clean up)



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




  



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to