'/' not allowed in cookie name?
Andrew Dalke
dalke at dalkescientific.com
Thu Feb 14 17:58:22 EST 2002
Oliver Rutherfurd:
> I'm ... receiving a cookie.CookieError when a server I am
> connecting to sends me a cookie with '/' in the name.
...
> After spending a little time reading http://www.faqs.org/rfcs/rfc2109.html
> I am still not any closer to understanding whether '/' is a legal value
> that the cookie module should accept in a name, or whether the server
> is misbehaving.
That RFC defines the format for the cookie syntax, in 4.1
av-pairs = av-pair *(";" av-pair)
av-pair = attr ["=" value] ; optional value
attr = token
value = word
word = token | quoted-string
The "attr" is the name (before the "="), which you want to be 1/2.
The specification for token is defined in RFC 2068 as
token = 1*<any CHAR except CTLs or tspecials>
where
tspecials = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HT
So token cannot contain "/", which means "1/2" is not a valid
cookie name.
As to if some clients and servers let you use illegal cookie
names ... that's a different thing.
Andrew
dalke at dalkescientific.com
More information about the Python-list
mailing list