[New-bugs-announce] [issue19670] SimpleCookie Generates Non-RFC6265-Compliant Cookies
Patrick Bogen
report at bugs.python.org
Wed Nov 20 21:23:24 CET 2013
New submission from Patrick Bogen:
SimpleCookie uses _quote to quote cookie values, which converts special characters to \OCTAL notation. This is not RFC6265 compliance, which requires- in part- that cookie values do not contain backslashes:
cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
; US-ASCII characters excluding CTLs,
; whitespace DQUOTE, comma, semicolon,
; and backslash
----------
components: Library (Lib)
messages: 203529
nosy: pdbogen
priority: normal
severity: normal
status: open
title: SimpleCookie Generates Non-RFC6265-Compliant Cookies
type: behavior
versions: Python 2.7
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue19670>
_______________________________________
More information about the New-bugs-announce
mailing list