Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
this wont work either. for the value of the cookie, it must be what
it was before. tspecials2. those are the correct characters for the
"value" of the cookie, but they are not correct for the "path"
I'm not convinced of this yet. I am doing some more testing but I
think things are being complicated by some potential bugs in the new
parsing code. Now we have the test cases, I'll look at adding some
more tests and go from there.
don't think there are any bugs in the parsing code, it's just in the
autoswitch, that just need to autoswitch on the value.
Right now it doesn't appear to parse the following header correctly:
Cookie: a=(
problem is that v0 cookies don't specify what values are valid, instead
they recommend using some sort of encoding for characters that might
interfer with the HTTP spec.
and according to 2616, ( is a separator
token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HT
Thanks for that. That covers most of the parsing stuff I was seeing. The
only exception is that we are treating '\'' as a separator but it doesn't
appear to be in any of the specs. Not something to fix in this patch, but
we probably should remove it from the list.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
