[Zope-dev] More robust cookie handling
S.Aeschbacher
zope at bturtle.ch
Wed Mar 30 10:06:47 EST 2005
Hi
during some testing I did I stumbled over this problem.
When a client which is accessing a page on a Zope server sends a _ZopeId
with other spelling (e.g. _ZOPEID). Zope does not accept the cookie and
(obviously) sends a new value in the answer.
According to RFC 2965 and RFC 2109 (defines the Set-Cookie header but is
obsolete by RFC 2965) the NAME part of a name-value pair is treated
case-insensitive.
I'm not sure if this is a issue worth bothering as all user-agents seem
to leave the NAME part intact (except my self-written test-suite ;).
Changing the behaviour to ignore the case of the name would make it
somewhat more robust.
If you think it is worth bothering I will open an Issue in the Collector.
regards
Stefan
More information about the Zope-Dev
mailing list