[drakma-devel] Parsing quoted cookie values (bug?)
Victor Kryukov
victor.kryukov at gmail.com
Sun Mar 16 03:59:09 UTC 2008
Hello,
I believe the following behaviour is a bug:
(drakma::parse-set-cookie "session=\"1,2,3\"; domain=example.com;
path=/")
generates an error:
While parsing cookie header "session=\"1,2,3\"; domain=example.com; path=/":
Read character #\,, but expected #\=.
[Condition of type SIMPLE-ERROR]
Restarts:
0: [ABORT] Return to SLIME's top level.
1: [TERMINATE-THREAD] Terminate this thread (#<THREAD "new-repl-thread" {1004560551}>)
Backtrace:
0: (CHUNGA::SIGNAL-UNEXPECTED-CHARS #\, #\=)
1: (CHUNGA:ASSERT-CHAR #<SB-IMPL::STRING-INPUT-STREAM {1004562A51}> #\=)
2: (CHUNGA:READ-NAME-VALUE-PAIR #<SB-IMPL::STRING-INPUT-STREAM {1004562A51}>)[:EXTERNAL]
3: (DRAKMA::PARSE-SET-COOKIE "session=\"1,2,3\"; domain=example.com;
path=/")
According to RFC2965[1],
av-pairs = av-pair *(";" av-pair)
av-pair = attr ["=" value] ; optional value
attr = token
value = token | quoted-string
value is either a token or a quoted string. According to RFC2616[2],
quoted-string = ( <"> *(qdtext | quoted-pair ) <"> )
qdtext = <any TEXT except <">>
quoted string can contain any text except \", including
commas.
I know a particular web-site (reddit.com) that sets cookies of that
form, and Firefox parses them without any problem.
The problem seem to be in read-name-value-pair from CHUNGA:
DRAKMA> (with-input-from-string (in "session=\"1,2,3\";
domain=example.com; path=/") (read-name-value-pair in :cookie-syntax t))
("session" . "\"1")
Best Regards,
Victor.
[1] http://www.faqs.org/rfcs/rfc2965.html
[2] http://www.faqs.org/rfcs/rfc2616.html
--
http://macrodefinition.blogspot.com
More information about the Drakma-devel
mailing list