emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.


From: Eli Zaretskii
Subject: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Date: Fri, 09 Sep 2016 22:49:07 +0300

> From: Alain Schneble <address@hidden>
> CC: <address@hidden>, <address@hidden>, <address@hidden>,
>       <address@hidden>
> Date: Fri, 9 Sep 2016 21:47:23 +0200
> 
> > That's not the issue.  The issue is whether a cookie-value can
> > legitimately have non-ASCII characters.  If it can, then we must
> > _encode_ the cookie-value, as that is the only correct way of getting
> > a unibyte string from non-ASCII characters.  And you pointed to an RFC
> > that seems to say non-ASCII characters in cookies are possible.
> 
> Yes true, but I thought that maybe fixing this as described could be a
> viable non-invasive alternative for the upcoming 25.1 release.

It wouldn't be safe if cookies could include non-ASCII characters.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]