[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
From: |
Eli Zaretskii |
Subject: |
Re: [PATCH] url: Wrap cookie headers in url-http--encode-string. |
Date: |
Thu, 08 Sep 2016 21:01:39 +0300 |
> From: Toke Høiland-Jørgensen <address@hidden>
> Cc: address@hidden, address@hidden, address@hidden
> Date: Thu, 08 Sep 2016 19:43:41 +0200
>
> > Can the cookies file include non-ASCII text? E.g., could the domain
> > be non-ASCII?
>
> >From glancing at the code, it seems those are the non-puny-coded
> hostnames that are stored in that file. But that doesn't really matter,
> as those are only lookup variables in an the array.
According to this:
https://en.wikipedia.org/wiki/HTTP_cookie
a cookie response could include "Domain=example.com", which I read to
mean the domain can appear in the response for a cookie. Am I
mistaken?
> The question is whether the cookie values themselves can be.
The same Wikipedia article says no:
The value of a cookie may consist of any printable ASCII character
(! through ~, Unicode \u0021 through \u007E) excluding , and ; and
whitespace characters. The name of a cookie excludes the same
characters, as well as =, since that is the delimiter between the
name and value. The cookie standard RFC 2965 is more restrictive but
not implemented by browsers.
So AFAIU, the only problem is the domain name (and maybe also Path).
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., (continued)
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Stefan Monnier, 2016/09/07
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Toke Høiland-Jørgensen, 2016/09/07
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Eli Zaretskii, 2016/09/07
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Toke Høiland-Jørgensen, 2016/09/07
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Dmitry Gutov, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Toke Høiland-Jørgensen, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Dmitry Gutov, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Toke Høiland-Jørgensen, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Eli Zaretskii, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Toke Høiland-Jørgensen, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.,
Eli Zaretskii <=
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Stefan Monnier, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Eli Zaretskii, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Alain Schneble, 2016/09/08
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Eli Zaretskii, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Alain Schneble, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Eli Zaretskii, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Alain Schneble, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Stefan Monnier, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Alain Schneble, 2016/09/09
- Re: [PATCH] url: Wrap cookie headers in url-http--encode-string., Alain Schneble, 2016/09/09