[issue17340] Handle malformed cookie
Luke Plant
report at bugs.python.org
Sat Mar 9 21:28:43 CET 2013
Luke Plant added the comment:
I'm a core developer on Django, and I've looked into cookies a lot, and also Python's SimpleCookie, and I've found that all accepted RFCs are completely irrelevant for this issue.
No accepted RFC was ever widely implemented - instead browsers mainly did something like the original "Netscape cookies", with various interpretations. Opera attempted RFC 2965, at least at one point, but no-one else.
RFC 6265, whatever its status, is probably the closest thing to a useful document of how cookies "should" work. But even then, I'm afraid that the main guiding principle has to be sheer pragmatism. Read the source code or bug trackers of any other project that has to handle cookies and you'll find they have all come to that conclusion, unfortunately.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17340>
_______________________________________
More information about the Python-bugs-list
mailing list