[drakma-devel] error while parsing set cookie containing httponly & secure

Hans Hübner hans.huebner at gmail.com
Sun Dec 9 17:44:14 UTC 2012


Simon,

thank you for your report.  It is not a known problem.  I'd be
grateful if you could open a github issue
(https://github.com/edicl/drakma/issues).  From glancing at your
description, it seems to me that this is indeed a bug that should be
fixed.

Thanks,
Hans

On Sun, Dec 9, 2012 at 6:15 PM, Simon Koch <simkoc at postfach.it> wrote:
> When parsing this Set-Cookie line:
>
> Set-Cookie: shssl=4058628; path=/; secure; HttpOnly
>
> The resulting Cookie is:
>
> #<COOKIE shssl=4058628; path=/; domain=www.base.de>
>
> Which misses both features: 'HttpOnly' and 'secure'.
>
> I traced the bug down to 'parse-set-cooie' which returns
> (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure; HttpOnly"))))
>
> instead of (("Set-Cookie: shssl" "4058628" (("path" . "/") ("secure")
> ("HttpOnly"))))
>
> As far as I understood the code the problem is caused by
> 'read-name-value-pairs' of chunga.
>
> I am using chunga 1.1.1 and drakma 1.2.9
>
> Is this a already known bug/problem?
>
>
> _______________________________________________
> drakma-devel mailing list
> drakma-devel at common-lisp.net
> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel




More information about the Drakma-devel mailing list