Skip to content

Space is not required for Set-Cookie header #11131

Merged
merged 1 commit into from Jul 5, 2013

4 participants

@ykzts
ykzts commented Jun 26, 2013

Are space is ignored for before and after the separator (ex: ;).

@schneems
Ruby on Rails member

Do you have any references to support the format of Set-Cookie with regard to the separator?

@ykzts
ykzts commented Jun 30, 2013

The user agent MUST use an algorithm equivalent to the following algorithm to parse the unparsed-attributes:

  1. If the unparsed-attributes string is empty, skip the rest of these steps.
  2. Discard the first character of the unparsed-attributes (which will be a %x3B (";") character).
  3. If the remaining unparsed-attributes contains a %x3B (";") character: Consume the characters of the unparsed-attributes up to, but not including, the first %x3B (";") character. Otherwise: Consume the remainder of the unparsed-attributes. Let the cookie-av string be the characters consumed in this step.
  4. If the cookie-av string contains a %x3D ("=") character: The (possibly empty) attribute-name string consists of the characters up to, but not including, the first %x3D ("=") character, and the (possibly empty) attribute-value string consists of the characters after the first %x3D ("=") character. Otherwise: The attribute-name string consists of the entire cookie-av string, and the attribute-value string is empty.
  5. Remove any leading or trailing WSP characters from the attribute-name string and the attribute-value string.
  6. Process the attribute-name and attribute-value according to the requirements in the following subsections. (Notice that attributes with unrecognized attribute-names are ignored.)
  7. Return to Step 1 of this algorithm.

cite: RFC 6265 section 5.2 (The Set-Cookie Header)

@schneems
Ruby on Rails member
@steveklabnik
Ruby on Rails member

Seems good to me too. @NZKoz ?

@NZKoz
Ruby on Rails member
NZKoz commented Jul 1, 2013

yeah :+1: from me too,

@steveklabnik
Ruby on Rails member

Okay! Let's get a CHANGELOG entry and then I'll merge.

@ykzts
ykzts commented Jul 5, 2013

@steveklabnik I added changelog entry!

@steveklabnik steveklabnik merged commit 5ade0dd into rails:master Jul 5, 2013

1 check passed

Details default The Travis CI build passed
@steveklabnik
Ruby on Rails member

Great, thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.