Cookies and RFC 2109

Discussion in 'ASP .Net' started by mauro, Jul 18, 2005.

  1. mauro

    mauro Guest

    it does not seem that the HttpCookie class is in compliance with the rfc
    2109, it does not expose the optional comment attribute, even asp.net 2.0
    beta 2 has this problem and frankly speaking I do not understand why a new
    version of the framework that pretends to stay runinng for years until a new
    version, has to be not compliant with standards when the java platform
    already supports such standard.
     
    mauro, Jul 18, 2005
    #1
    1. Advertising

  2. mauro

    Scott Allen Guest

    You can get and set the comment through the HttpCookie indexer:

    HttpCookie myCookie = new HttpCookie("myCookie");
    myCookie.Values["Comment"] = "myCookie purpose";
    String purpose = myCookie.Values["Comment"];

    Compliance!

    --
    Scott
    http://www.OdeToCode.com/blogs/scott/

    On Mon, 18 Jul 2005 14:48:51 GMT, "mauro" <>
    wrote:

    >it does not seem that the HttpCookie class is in compliance with the rfc
    >2109, it does not expose the optional comment attribute, even asp.net 2.0
    >beta 2 has this problem and frankly speaking I do not understand why a new
    >version of the framework that pretends to stay runinng for years until a new
    >version, has to be not compliant with standards when the java platform
    >already supports such standard.
    >
     
    Scott Allen, Jul 18, 2005
    #2
    1. Advertising

  3. mauro

    mauro Guest

    "Scott Allen" <> wrote in message
    news:p...
    > You can get and set the comment through the HttpCookie indexer:
    >
    > HttpCookie myCookie = new HttpCookie("myCookie");
    > myCookie.Values["Comment"] = "myCookie purpose";
    > String purpose = myCookie.Values["Comment"];
    >
    > Compliance!
    >
    > --
    > Scott


    Thanks, I didn't know we could use the indexer to access the attributes.
     
    mauro, Jul 18, 2005
    #3
  4. mauro

    Bruce Barker Guest

    this just adds a value pair named Comment, doesn't really add the attribute.

    you should open a bug on the beta 2 newgroup - although it may be too late
    to add this feature.

    http://lab.msdn.microsoft.com/productfeedback/

    -- bruce (sqlwork.com)




    "Scott Allen" <> wrote in message
    news:p...
    > You can get and set the comment through the HttpCookie indexer:
    >
    > HttpCookie myCookie = new HttpCookie("myCookie");
    > myCookie.Values["Comment"] = "myCookie purpose";
    > String purpose = myCookie.Values["Comment"];
    >
    > Compliance!
    >
    > --
    > Scott
    > http://www.OdeToCode.com/blogs/scott/
    >
    > On Mon, 18 Jul 2005 14:48:51 GMT, "mauro" <>
    > wrote:
    >
    >>it does not seem that the HttpCookie class is in compliance with the rfc
    >>2109, it does not expose the optional comment attribute, even asp.net 2.0
    >>beta 2 has this problem and frankly speaking I do not understand why a new
    >>version of the framework that pretends to stay runinng for years until a
    >>new
    >>version, has to be not compliant with standards when the java platform
    >>already supports such standard.
    >>

    >
     
    Bruce Barker, Jul 18, 2005
    #4
  5. mauro

    Joerg Jooss Guest

    Scott Allen wrote:

    > You can get and set the comment through the HttpCookie indexer:
    >
    > HttpCookie myCookie = new HttpCookie("myCookie");
    > myCookie.Values["Comment"] = "myCookie purpose";
    > String purpose = myCookie.Values["Comment"];
    >
    > Compliance!


    Um... no. Adding a value like that will concatenate it to the existing
    value string with an ampersand, just like form data. RFC 2965 (2109 is
    obsolete) prescribes a semicolon.

    But more importantly, ASP.NET only uses the Set-Cookie header, not
    Set-Cookie2, which is the correct way to set RFC 2965 cookies. Thus,
    only Netscape (Version 0) cookies are currently supported.

    Cheers,
    --
    http://www.joergjooss.de
    mailto:
     
    Joerg Jooss, Jul 18, 2005
    #5
  6. mauro

    Scott Allen Guest

    Thanks, Joerg. I apolozgize for the misinformation.

    --
    Scott
    http://www.OdeToCode.com/blogs/scott/

    On Mon, 18 Jul 2005 14:09:03 -0700, "Joerg Jooss"
    <> wrote:

    >Scott Allen wrote:
    >
    >> You can get and set the comment through the HttpCookie indexer:
    >>
    >> HttpCookie myCookie = new HttpCookie("myCookie");
    >> myCookie.Values["Comment"] = "myCookie purpose";
    >> String purpose = myCookie.Values["Comment"];
    >>
    >> Compliance!

    >
    >Um... no. Adding a value like that will concatenate it to the existing
    >value string with an ampersand, just like form data. RFC 2965 (2109 is
    >obsolete) prescribes a semicolon.
    >
    >But more importantly, ASP.NET only uses the Set-Cookie header, not
    >Set-Cookie2, which is the correct way to set RFC 2965 cookies. Thus,
    >only Netscape (Version 0) cookies are currently supported.
    >
    >Cheers,
     
    Scott Allen, Jul 19, 2005
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Archie

    Encryption and RFC 2109

    Archie, Feb 18, 2004, in forum: Java
    Replies:
    3
    Views:
    656
    Filip Larsen
    Feb 19, 2004
  2. C. Titus Brown

    RFC 2965 cookies, cookielib, and mailman.

    C. Titus Brown, Dec 27, 2004, in forum: Python
    Replies:
    0
    Views:
    522
    C. Titus Brown
    Dec 27, 2004
  3. John J Lee
    Replies:
    0
    Views:
    365
    John J Lee
    Jan 30, 2005
  4. _Who
    Replies:
    7
    Views:
    2,751
  5. Ivan Shmakov
    Replies:
    3
    Views:
    1,200
    Kari Hurtta
    Feb 13, 2012
Loading...

Share This Page