Add better/more information about RFC6265 cookie-octetfix.cookie_handling

We want to provide people an easy to find resource on what is now going to be valid in a WebOb cookie.
author: Bert JW Regeer <bertjw@regeer.org> 2014-11-14 00:46:32 -0700
committer: Bert JW Regeer <bertjw@regeer.org> 2015-03-22 21:36:45 -0600
commit: cebf4b832e3bdf48a3803561f6ad37a673cab032 (patch)
tree: fa205ee3dff208f0da041a0626520ef8cd3e0a8a
parent: 5d0e7b9f82991d7ffa67ca928d8abd40c4005689 (diff)
download: webob-fix.cookie_handling.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/news.txt b/docs/news.txt
index 0f9ca63..edcdf9f 100644
--- a/docs/news.txt
+++ b/docs/news.txt
@@ -12,6 +12,20 @@ Backwards Incompatibilities
   be issued, in the future this will raise a ``ValueError``, please update your
   cookie handling code. See https://github.com/Pylons/webob/pull/172
 
+  The cookie-octet specification in RFC6265 states the following characters are
+  valid in a cookie value:
+  
+  Hex Range     Actual Characters
+  ---------     -----------------
+  [0x21     ]   !
+  [0x25-0x2B]   #$%&'()*+ 
+  [0x2D-0x3A]   -./0123456789: 
+  [0x3C-0x5B]   <=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[
+  [0x5D-0x7E]   ]^_`abcdefghijklmnopqrstuvwxyz{|}~
+
+  RFC6265 suggests using base 64 to serialize data before storing data in a
+  cookie.
+
 - ``response.set_cookie`` now uses the internal ``make_cookie`` API, which will
   issue warnings if cookies are set with invalid bytes. See
   https://github.com/Pylons/webob/pull/172
author	Bert JW Regeer <bertjw@regeer.org>	2014-11-14 00:46:32 -0700
committer	Bert JW Regeer <bertjw@regeer.org>	2015-03-22 21:36:45 -0600
commit	cebf4b832e3bdf48a3803561f6ad37a673cab032 (patch)
tree	fa205ee3dff208f0da041a0626520ef8cd3e0a8a
parent	5d0e7b9f82991d7ffa67ca928d8abd40c4005689 (diff)
download	webob-fix.cookie_handling.tar.gz