[Zope] cookies and paths?
Quentin Smith
quentins@comclub.dyndns.org
Tue, 20 Aug 2002 22:41:52 -0400
Hi-
I'm not sure if this is a bug or not. You should read up on the cookie
spec at http://www.netscape.com/newsref/std/cookie_spec.html. I believe
that a more-specific path will mask a more general path. However, I do
not know if it is possible to send two Set-cookie headers with the same
name in the same response.
--Quentin
On Tuesday, August 20, 2002, at 10:10 PM, KevinL wrote:
> On Wed, 2002-08-21 at 12:02, Quentin Smith wrote:
>> Hi-
>> This is, unfortunately, the way it is supposed to work. To expire a
>> cookie, you need to send a Set-Cookie header with an identical name and
>> path and a date in the past. I don't know how Zope handles setting
>> cookies, as I have only ever had to read cookies. I imagine you would
>> need to call something like RESPONSE.cookies.expire("name", "/path"),
>> but it probably is a different function name.
>> --Quentin
>
> The problem is, if I have a cookie called __ac at path /, and a cookie
> called __ac at path /xone, then I can expire one or the other - but not
> both on the same web request. Because HTTPResponse.py keys on cookie
> name only, not name and path.
>
> Does this rate as a bug? I can work around it, sorta, but it feels
> wrong.
>
> KevinL
>