Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Fix documentation/cookie handling in response.set_cookie() #172
However, this does break backwards compatibility because we no longer allow unicode cookie values, these were technically contra-spec in the first place, and may not have been accepted by all browsers.
We also change from
referenced this pull request
Nov 9, 2014
@mmerickel Seems I made a mistake when looking at the code, ASCII is correct, high-order bytes are NOT allowed in cookies. So
Technically we should restrict the allowed characters even further to the allowed set as set in RFC6265:
So that WebOb does not allow the creation of cookies that fall outside of that spec.