Forum OpenACS Q&A: RFC for cookies

Collapse
19: RFC for cookies (response to 1)
Posted by Connie Hentosh on
       I actually don't see any place in RFC 2695 which specifies (or
       prohibits) a specific delimiter inside a cookie (I could be
       missing it, though; any pointers would be helpful).
RFC 2965 points to the RFC 2616. 2616 states (around page 16) what is valid in a token and what is a delimeter. If there is a delimeter in the value, it needs to be placed in quotes. I noticed that ACS 4 doesn't have quotes around the value. I wonder if that would solve your WAP issue.
       I'm not familiar with the OpenACS 3.2.x code, but in ACS 4.x 
       we introduced a set cookie abstraction procedure
       (ad_set_cookie).
ad_set_cookie is in 3.2, but not used in ever place. Some code set the cookie headers directly.