From: Christopher F. <chr...@ca...> - 2012-07-10 16:21:02
|
On 04/07/2012 21:16, Christopher Faulet wrote: > On 17/04/2012 17:07, Serge Polkovnikov wrote: >> Hi! >> Looks like the yaws can't work with multiple cookies defined in a one >> Set-Cookie or Cookie header. This applies to the functions >> yaws_api:find_cookie_val/2 and yaws_api:parse_set_cookie/1. >> >> Is there any plan to fix this? > > Hi, > > I have just pushed a fix to parse multiple cookies in one Set-Cookie > header. Now, yaws_api:parse_set_cookie/1 returns a list of #setcookie{} > records. If no cookie was found or if an error occurred, it returns []. > Note that this fix breaks the compatibility with previous versions. > > 2 new functions was also added, yaws_api:parse_cookie/1 and > yaws_api:format_cookie/1, to parse and format 'Cookie' headers. > > Can you confirm that it fixes your problems ? > Hi, Cookie parsing was refactored to follow the RFC 6265 [1]. This RFC obsoletes RFCs 2965 and 2109. #setcookie{} and #cookie{} records have changed to reflect it. And, of course, yaws_api:parse_set_cookie/1 and yaws_api:parse_cookie/1 have been refactored accordingly. Because old RFCs are still used, we try to be backward compatible. The main concession concerns the comma. 'Set-Cookie' headers are parsed as comma-separated lists of cookies. So comma is forbidden in unquoted values (expect for 'Expires' attributes). This refactoring still breaks the compatibility with previous versions of Yaws. Sorry for the breakage but we saw no other way to improve cookie parsing. [1] http://tools.ietf.org/html/rfc6265 -- Christopher |