I'm not sure if this is a bug or not. I've read the cookie spec and it's appears to be mute on the point of how servers need to categorize and store cookies during a response. I understand what you're trying to do, and it seems to call for an additional API method on the response object that would allow you to supply a path when setting a cookie. You may want to file a collector feature request for this. FWIW, you can work around this by calling response.setHeader('Set-Cookie' "name=value; expires=date; path=path, domain=domain, secure") manually for each cookie you want to expire. HTH, - C On Tue, 2002-08-20 at 22:10, KevinL wrote:
On Wed, 2002-08-21 at 12:02, Quentin Smith wrote:
Hi- This is, unfortunately, the way it is supposed to work. To expire a cookie, you need to send a Set-Cookie header with an identical name and path and a date in the past. I don't know how Zope handles setting cookies, as I have only ever had to read cookies. I imagine you would need to call something like RESPONSE.cookies.expire("name", "/path"), but it probably is a different function name. --Quentin
The problem is, if I have a cookie called __ac at path /, and a cookie called __ac at path /xone, then I can expire one or the other - but not both on the same web request. Because HTTPResponse.py keys on cookie name only, not name and path.
Does this rate as a bug? I can work around it, sorta, but it feels wrong.
KevinL
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )