[Python-Dev] Cookie.py too strict
Barry A. Warsaw
barry@python.org
Tue, 21 Jan 2003 22:49:58 -0500
I'm unhappy about aspects of Cookie.py. My main gripe at the moment
is the fact that if you feed SimpleCookie cookie data with colons in
one of the keys, it raises a CookieError.
This might seem reasonable behavior when creating cookies from a
program, but I think it's unreasonable for reading cookies from http
data, under the mantra of "be liberal what you accept and strict in
what you produce".
Aside: this is nailing me when visiting both Mailman 2.0 and 2.1 lists
at python.org. MM2.0 used a key like mylist:admin and the colon is
not strictly legal (apparently - it didn't jump out at me in a quick
scan of RFCs 2068 and 2109). MM2.1 changed that to be mylist+admin as
the key, but since mail.python.org shares url space between 2.0 and
2.1 lists, a cookie header may have a mix. It's very inconvenient for
Cookie.py to throw the error in this case.
Anyway, it turns out to be a PITA to work around this via say
inheritance because of the design of the module and the embedding of
the legal chars in Morsel.set() call.
I'd like to fix this, but I'm not sure exactly how I'd like to fix
it. "Must resist temptation to rewrite."
Before I dig in, I thought I'd ask and see if anybody else cared about
this, or had ideas they'd like to throw out. I want to do the
simplest thing I can get away with, but I would like to fix it in
Cookie.py rather than in a Mailman monkey patch.
-Barry