Menu
▾
▴
Re: [Erlyaws-list] Multiple cookies per one Set-Cookie/Cookie header
|
From: Christopher F. <chr...@ca...> - 2012-07-10 16:21:02
|
On 04/07/2012 21:16, Christopher Faulet wrote:
> On 17/04/2012 17:07, Serge Polkovnikov wrote:
>> Hi!
>> Looks like the yaws can't work with multiple cookies defined in a one
>> Set-Cookie or Cookie header. This applies to the functions
>> yaws_api:find_cookie_val/2 and yaws_api:parse_set_cookie/1.
>>
>> Is there any plan to fix this?
>
> Hi,
>
> I have just pushed a fix to parse multiple cookies in one Set-Cookie
> header. Now, yaws_api:parse_set_cookie/1 returns a list of #setcookie{}
> records. If no cookie was found or if an error occurred, it returns [].
> Note that this fix breaks the compatibility with previous versions.
>
> 2 new functions was also added, yaws_api:parse_cookie/1 and
> yaws_api:format_cookie/1, to parse and format 'Cookie' headers.
>
> Can you confirm that it fixes your problems ?
>
Hi,
Cookie parsing was refactored to follow the RFC 6265 [1]. This RFC
obsoletes RFCs 2965 and 2109. #setcookie{} and #cookie{} records have
changed to reflect it. And, of course, yaws_api:parse_set_cookie/1 and
yaws_api:parse_cookie/1 have been refactored accordingly.
Because old RFCs are still used, we try to be backward compatible. The
main concession concerns the comma. 'Set-Cookie' headers are parsed as
comma-separated lists of cookies. So comma is forbidden in unquoted
values (expect for 'Expires' attributes).
This refactoring still breaks the compatibility with previous versions
of Yaws. Sorry for the breakage but we saw no other way to improve
cookie parsing.
[1] http://tools.ietf.org/html/rfc6265
--
Christopher
|