all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Eli Zaretskii <eliz@gnu.org>
To: Alain Schneble <a.s@realize.ch>
Cc: toke@toke.dk, emacs-devel@gnu.org, monnier@IRO.UMontreal.CA,
	dgutov@yandex.ru
Subject: Re: [PATCH] url: Wrap cookie headers in url-http--encode-string.
Date: Fri, 09 Sep 2016 10:57:09 +0300	[thread overview]
Message-ID: <83bmzx8q0a.fsf@gnu.org> (raw)
In-Reply-To: <86wpimqgn8.fsf@realize.ch> (message from Alain Schneble on Thu,  8 Sep 2016 22:29:47 +0200)

> From: Alain Schneble <a.s@realize.ch>
> CC: Stefan Monnier <monnier@IRO.UMontreal.CA>, <toke@toke.dk>,
> 	<emacs-devel@gnu.org>, <dgutov@yandex.ru>
> Date: Thu, 8 Sep 2016 22:29:47 +0200
> 
> FWIW, Mozilla refers to RFC6265
> https://tools.ietf.org/html/rfc6265#section-5.4:
> 
> Bottom of Page 26 says:
> 
>    NOTE: Despite its name, the cookie-string is actually a sequence of
>    octets, not a sequence of characters.  To convert the cookie-string
>    (or components thereof) into a sequence of characters (e.g., for
>    presentation to the user), the user agent might wish to try using the
>    UTF-8 character encoding [RFC3629] to decode the octet sequence.
>    This decoding might fail, however, because not every sequence of
>    octets is valid UTF-8.
> 
> See also
> https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cookie.

If the cookies file can include non-ASCII characters, then IMO Stefan
is right, and url-cookie-generate-header should produce a unibyte
string consisting of UTF-8 sequences.

However, I think for the emacs-25 branch, it would be safer to encode
the cookie header explicitly in url-http-create-request; we could make
the change in url-cookie-generate-header on master.  Any objections?

P.S. We should decide about the change on emacs-25 quickly, because
the current plan calls for the final 25.1 release tarball on Sep 12.

Thanks.



  reply	other threads:[~2016-09-09  7:57 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-09-07 15:30 [PATCH] url: Wrap cookie headers in url-http--encode-string Toke Høiland-Jørgensen
2016-09-07 16:40 ` Stefan Monnier
2016-09-07 16:52   ` Toke Høiland-Jørgensen
2016-09-07 17:15     ` Eli Zaretskii
2016-09-07 18:25       ` Toke Høiland-Jørgensen
2016-09-08 14:06         ` Dmitry Gutov
2016-09-08 14:14           ` Toke Høiland-Jørgensen
2016-09-08 14:25             ` Dmitry Gutov
2016-09-08 15:58               ` Toke Høiland-Jørgensen
2016-09-08 17:20                 ` Eli Zaretskii
2016-09-08 17:43                   ` Toke Høiland-Jørgensen
2016-09-08 18:01                     ` Eli Zaretskii
2016-09-08 17:47                   ` Stefan Monnier
2016-09-08 18:04                     ` Eli Zaretskii
2016-09-08 20:29                       ` Alain Schneble
2016-09-09  7:57                         ` Eli Zaretskii [this message]
2016-09-09 14:56                 ` Alain Schneble
2016-09-09 15:04                   ` Eli Zaretskii
2016-09-09 15:16                     ` Alain Schneble
2016-09-09 15:06                   ` Stefan Monnier
2016-09-09 15:15                     ` Alain Schneble
2016-09-09 18:02                 ` Alain Schneble
2016-09-09 18:07                   ` Toke Høiland-Jørgensen
2016-09-09 18:54                   ` Eli Zaretskii
2016-09-09 19:21                     ` Alain Schneble
2016-09-09 19:32                       ` Eli Zaretskii
2016-09-09 19:47                         ` Alain Schneble
2016-09-09 19:49                           ` Eli Zaretskii
2016-09-09 19:56                             ` Toke Høiland-Jørgensen
2016-09-10  5:42                               ` Eli Zaretskii
2016-09-10  8:34                                 ` Dmitry Gutov
2016-09-10 19:12                                   ` Eli Zaretskii
2016-09-09 20:01                         ` distinguishing multibyte/unibyte ASCII (was: [PATCH] url: Wrap cookie headers in url-http--encode-string.) Stefan Monnier
2016-09-09 20:17                           ` distinguishing multibyte/unibyte ASCII Toke Høiland-Jørgensen
2016-09-09 20:46                             ` Stefan Monnier
2016-09-09 21:02                           ` Alain Schneble
2016-09-10  5:50                           ` distinguishing multibyte/unibyte ASCII (was: [PATCH] url: Wrap cookie headers in url-http--encode-string.) Eli Zaretskii
2016-09-07 19:14 ` [PATCH] url: Wrap cookie headers in url-http--encode-string Lars Ingebrigtsen
2016-09-07 20:49   ` Toke Høiland-Jørgensen
2016-09-08  2:47   ` Eli Zaretskii
2016-09-08  9:07     ` Lars Ingebrigtsen
2016-09-08 17:23       ` Eli Zaretskii

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=83bmzx8q0a.fsf@gnu.org \
    --to=eliz@gnu.org \
    --cc=a.s@realize.ch \
    --cc=dgutov@yandex.ru \
    --cc=emacs-devel@gnu.org \
    --cc=monnier@IRO.UMontreal.CA \
    --cc=toke@toke.dk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.