Cookies: semicolon vs. semicolon-space

P

Peter Michaux

Hi,

These first three links say that when reading document.cookie the
name-value pairs are separated by semicolons and they show examples
like "name=value;expires=date" where there is clearly only a semicolon
separator.

<http://www.w3.org/TR/2000/WD-DOM-Level-1-20000929/level-one-html.html#ID-1006298752-h2>
<http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-8747038>
<http://developer.mozilla.org/en/docs/DOM:document.cookie#Parameters>


The example on Microsoft's site shows that document.cookie.split('; ')
should be used to break up the cookies. This indicates there will
always be a semicolon and space separating the name-value pairs.

<http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/cookie.asp>


I tested Opera, Safari, Firefox, and IE and they all seem to use
semicolon-space.


So what is going on between the standards and the implementations? Are
the standards incorrectly stated? Should code be written to work both
ways or just the semicolon-space way?

Thank you,
Peter
 
D

Daz

Peter said:
Hi,

These first three links say that when reading document.cookie the
name-value pairs are separated by semicolons and they show examples
like "name=value;expires=date" where there is clearly only a semicolon
separator.

<http://www.w3.org/TR/2000/WD-DOM-Level-1-20000929/level-one-html.html#ID-1006298752-h2>
<http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-8747038>
<http://developer.mozilla.org/en/docs/DOM:document.cookie#Parameters>


The example on Microsoft's site shows that document.cookie.split('; ')
should be used to break up the cookies. This indicates there will
always be a semicolon and space separating the name-value pairs.

<http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/cookie.asp>


I tested Opera, Safari, Firefox, and IE and they all seem to use
semicolon-space.


So what is going on between the standards and the implementations? Are
the standards incorrectly stated? Should code be written to work both
ways or just the semicolon-space way?

Thank you,
Peter
Hi peter. As far as I am aware, you are able to store your data in a
cookie any way you want to.

I can only presume that using a space after the semi-colon will
increase the readability (not that you should need to look at the
contents as such), but more importantly, prevent problems when spliting
if one of the values themselves happens to contain a semi-colon.

For example: this is a value; this value contains a semi-colon;;
some;more;values;

In the code above, if you didn't use a space after the semi-colon, you
might end up with some weird results and get:
this is a value;
this value contains a semi-colon
some
more
values

Instead of:
this is a value;
this value contains a semi-colon;
some;more;values;

I hope this makes sense and that I am correct in my assumption.

Basically, I think it's more a question of good practise than a
standard. The is nothing stopping you using _)(- to delimit your cookie
values, although it doesn't look as pretty, takes up more space, and is
probably more difficult to work with.

Best wishes.

Daz.
 
D

Daz

Peter said:
Hi,

These first three links say that when reading document.cookie the
name-value pairs are separated by semicolons and they show examples
like "name=value;expires=date" where there is clearly only a semicolon
separator.

<http://www.w3.org/TR/2000/WD-DOM-Level-1-20000929/level-one-html.html#ID-1006298752-h2>
<http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-8747038>
<http://developer.mozilla.org/en/docs/DOM:document.cookie#Parameters>


The example on Microsoft's site shows that document.cookie.split('; ')
should be used to break up the cookies. This indicates there will
always be a semicolon and space separating the name-value pairs.

<http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/cookie.asp>


I tested Opera, Safari, Firefox, and IE and they all seem to use
semicolon-space.


So what is going on between the standards and the implementations? Are
the standards incorrectly stated? Should code be written to work both
ways or just the semicolon-space way?

Thank you,
Peter

Hi peter. As far as I am aware, you are able to store your data in a
cookie any way you want to.

I can only presume that using a space after the semi-colon will
increase the readability (not that you should need to look at the
contents as such), but more importantly, prevent problems when spliting
if one of the values themselves happens to contain a semi-colon.

For example: this is a value; this value contains a semi-colon;;
some;more;values;

In the code above, if you didn't use a space after the semi-colon, you
might end up with some weird results and get:
this is a value
this value contains a semi-colon
some
more
values

Instead of:
this is a value
this value contains a semi-colon;
some;more;values;

I hope this makes sense and that I am correct in my assumption.

Basically, I think it's more a question of good practise than a
standard. The is nothing stopping you using _)(- to delimit your cookie
values, although it doesn't look as pretty, takes up more space, and is
probably more difficult to work with.

Best wishes.

Daz.
 
M

Michael Winter

Peter said:
These first three links say that when reading document.cookie the
name-value pairs are separated by semicolons and they show examples
like "name=value;expires=date" where there is clearly only a semicolon
separator.

<http://www.w3.org/TR/2000/WD-DOM-Level-1-20000929/level-one-html.html#ID-1006298752-h2>
<http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-8747038>
<http://developer.mozilla.org/en/docs/DOM:document.cookie#Parameters>

The second refers to RFC 2965, which does not require only a semicolon.
The example on Microsoft's site shows that document.cookie.split('; ')
should be used to break up the cookies. This indicates there will
always be a semicolon and space separating the name-value pairs.

[URI snipped]
I tested Opera, Safari, Firefox, and IE and they all seem to use
semicolon-space.

So what is going on between the standards and the implementations? Are
the standards incorrectly stated?

RFC 2965 allows optional white space between tokens. That is, spaces may
occur before or after the equals symbol that separates cookie names and
values, and before or after the semicolon that separates name/value pairs.
Should code be written to work both ways or just the semicolon-space way?

Both, in my opinion. Use a regular expression to search for, and obtain
the value of, the cookie:

new RegExp('(^|;)\\s*' + name
+ '\\s*=\\s*([^\\s;]+)').exec(document.cookie)

If the return value is null, there's no matching cookie. Otherwise, the
second capturing parentheses will contain the value. The value may not
contain spaces and the separating semicolon (if present) will be omitted.

Mike
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top