Joe Schaefer
joe+gmane at sunstarsys.com
Fri Jan 14 09:06:45 EST 2005
Nicolas Lehuen <nicolas.lehuen at gmail.com> writes: [...] > Looking from this definition, only $Path and $Domain attributes are > allowed. mod_python accepts more attributes. The question is, should > we be liberal in what we accept (and strict in what we produce, of > course) ? I think so. +1. RFC 2965 (which supercedes 2109) defines a few additional attributes. >> There's no universally-accepted way to mix Netscape cookies >> with the RFC-based ($Version=1) cookies within the same HTTP >> request. At some point the IETF tried to produce an errata >> document to address this, but IIRC failed to achieve consensus >> on a resolution. > > That's another reason to be as liberal as we can without breaking > anything. True enough. There are also a few security-related comments in the specs that you might want to factor in, but simply doing what other implementations do (jetty, or zope perhaps) is a good plan. Though as you might guess, I'd still like to see apreq become useable by mod_python hackers someday ;-). -- Joe Schaefer
|