[Zope] cookies and paths?

[Chris McDonough]

I'm not sure if this is a bug or not.  I've read the cookie spec and
it's appears to be mute on the point of how servers need to categorize
and store cookies during a response.  I understand what you're trying to
do, and it seems to call for an additional API method on the response
object that would allow you to supply a path when setting a cookie.  You
may want to file a collector feature request for this.

FWIW, you can work around this by calling
response.setHeader('Set-Cookie' "name=value; expires=date; path=path,
domain=domain, secure") manually for each cookie you want to expire.

HTH,

- C


On Tue, 2002-08-20 at 22:10, KevinL wrote:
> On Wed, 2002-08-21 at 12:02, Quentin Smith wrote:
> > Hi-
> > This is, unfortunately, the way it is supposed to work. To expire a 
> > cookie, you need to send a Set-Cookie header with an identical name and 
> > path and a date in the past. I don't know how Zope handles setting 
> > cookies, as I have only ever had to read cookies. I imagine you would 
> > need to call something like RESPONSE.cookies.expire("name", "/path"), 
> > but it probably is a different function name.
> > --Quentin
> 
> The problem is, if I have a cookie called __ac at path /, and a cookie
> called __ac at path /xone, then I can expire one or the other - but not
> both on the same web request.  Because HTTPResponse.py keys on cookie
> name only, not name and path.
> 
> Does this rate as a bug?  I can work around it, sorta, but it feels
> wrong.
> 
> KevinL
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )