|
Michael C. Neel
neel at mediapulse.com
Fri Nov 7 14:42:29 EST 2003
> First, please explain to us why we need yet another cookie class, more classes do not mean you cannot use a class. mod_python works quite well with the python cookie class, I've used them together for a while now. I also like having more than one choice, and if someone wants to write even another cookie class I see no problem with it. I get to pick the best one for my needs vs having one solution that I have to keep tweaking to get it to do what I need. > > Also, there are efficient-length considerations; constructing > > cookies representing 100kB data structures would not be > "best practice." > > Apache will limit any header length to about 4k :-) With out looking at the spec, I believe that clients are to reject cookies of more than 4096 bytes, and only allow one server (domain) to store 20(?) cookies max. Then again, the last time a browser was done that followed the RFCs... well I can't ever recall that happening =) A cool addition to the mod_python cookie class would be to raise an Execption (CookieLength?) if a cookie would result in more than the RFC limit. Mike
|