[drakma-devel] error while parsing set cookie containing httponly & secure

Simon Koch simkoc at postfach.it
Sun Dec 9 17:15:08 UTC 2012


When parsing this Set-Cookie line:

Set-Cookie: shssl=4058628; path=/; secure; HttpOnly

The resulting Cookie is:

#<COOKIE shssl=4058628; path=/; domain=www.base.de>

Which misses both features: 'HttpOnly' and 'secure'.

I traced the bug down to 'parse-set-cooie' which returns
(("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure; HttpOnly"))))

instead of (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure")
("HttpOnly"))))

As far as I understood the code the problem is caused by
'read-name-value-pairs' of chunga.

I am using chunga 1.1.1 and drakma 1.2.9

Is this a already known bug/problem?





More information about the Drakma-devel mailing list