semantics of WACookie >> #path

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

semantics of WACookie >> #path

Philippe Marschall
Hi

I'm currently looking into issue 749 [1] which turned out to be an
interesting encoding issue. While going through all the senders of
#pathString I noted that the current semantics of WACookie >> #path(:)
aren't really well defined.

Looking at the code they currently seem to be:
 * unescaped when setting a cookie on the server
 * the http header value (likely escaped) when sent from the client to
the server

This isn't as bad as it sounds since Opera was the only sane
implementation that would send the path back to the server (so that
the server can delete a cookie) and they're dumping their code base
for Chrome (or Chromium). But it's still an issue when we want to
support session cookies for non-ASCII paths. So the question is should
the path be escaped or not?

Traditionally we try to offer high level objects to the user that are
directly useful without having to do some parsing or decoding first.
However a string isn't actually that high level, a
SequenceableCollection would be.

As far as I can see our options are:
 * make it an unescaped string
 * make it an escaped string
 * make in an escaped SequenceableCollection

Also, do we do the same on 3.0 and 3.1?

 [1] http://code.google.com/p/seaside/issues/detail?id=749

Cheers
Philippe
_______________________________________________
seaside-dev mailing list
[hidden email]
http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev