diff options
author | Bert JW Regeer <bertjw@regeer.org> | 2014-11-14 00:46:32 -0700 |
---|---|---|
committer | Bert JW Regeer <bertjw@regeer.org> | 2015-03-22 21:36:45 -0600 |
commit | cebf4b832e3bdf48a3803561f6ad37a673cab032 (patch) | |
tree | fa205ee3dff208f0da041a0626520ef8cd3e0a8a | |
parent | 5d0e7b9f82991d7ffa67ca928d8abd40c4005689 (diff) | |
download | webob-fix.cookie_handling.tar.gz |
Add better/more information about RFC6265 cookie-octetfix.cookie_handling
We want to provide people an easy to find resource on what is now going
to be valid in a WebOb cookie.
-rw-r--r-- | docs/news.txt | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/news.txt b/docs/news.txt index 0f9ca63..edcdf9f 100644 --- a/docs/news.txt +++ b/docs/news.txt @@ -12,6 +12,20 @@ Backwards Incompatibilities be issued, in the future this will raise a ``ValueError``, please update your cookie handling code. See https://github.com/Pylons/webob/pull/172 + The cookie-octet specification in RFC6265 states the following characters are + valid in a cookie value: + + Hex Range Actual Characters + --------- ----------------- + [0x21 ] ! + [0x25-0x2B] #$%&'()*+ + [0x2D-0x3A] -./0123456789: + [0x3C-0x5B] <=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[ + [0x5D-0x7E] ]^_`abcdefghijklmnopqrstuvwxyz{|}~ + + RFC6265 suggests using base 64 to serialize data before storing data in a + cookie. + - ``response.set_cookie`` now uses the internal ``make_cookie`` API, which will issue warnings if cookies are set with invalid bytes. See https://github.com/Pylons/webob/pull/172 |