Skip Menu |

This queue is for tickets about the CGI-Lite CPAN distribution.

Report information
The Basics
Id: 32329
Status: resolved
Worked: 45 min
Priority: 0/
Queue: CGI-Lite
People
Owner: HOUSTON [...] cpan.org
Requestors: burak [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: Critical
Broken in: 2.02
Fixed in: 2.03

History Show all quoted text
  Tue Jan 15 09:18:28 2008 burak [...] cpan.org - Ticket created
Subject: _decode_url_encoded_data() needs to be fixed for handling cookies
This code: $delimiter = ';\s+'; must be replaced with: $delimiter = '[;,] ?'; in order to handle cookies correctly. Current implementation is broken with this kind of cookies for example: $ENV{HTTP_COOKIE} = q{a=b;foo=bar} Note: I took the '[;,] ?' regex from Lincoln Stein's CGI::Cookie.
  Wed May 21 12:44:45 2014 HOUSTON [...] cpan.org - Correspondence added 15 min
Hello BURAK, Yes, the current implementation is indeed broken and there are plenty of RFC-compatible cookie strings which it doesn't handle. I'm inclined to use the even more forgiving $delimiter = '[;,] *'; as it doesn't appear to cause any problems and my reading of RFC 2965 suggests that more than single whitespaces may be present. If you have no objections, this is the pattern I will use in the forthcoming release. Thanks very much for your bug report and suggestions, Pete On Tue Jan 15 09:18:28 2008, BURAK wrote: Show quoted text
> This code: > > $delimiter = ';\s+'; > > must be replaced with: > > $delimiter = '[;,] ?'; > > in order to handle cookies correctly. Current implementation is broken > with this kind of cookies for example: > > $ENV{HTTP_COOKIE} = q{a=b;foo=bar} > > Note: I took the '[;,] ?' regex from Lincoln Stein's CGI::Cookie.
  Wed May 21 12:44:46 2014 The RT System itself - Status changed from 'new' to 'open'
  Wed May 21 12:44:46 2014 HOUSTON [...] cpan.org - Taken
  Fri May 30 12:00:09 2014 burak [...] cpan.org - Correspondence added
Thanks for the fix
  Mon Jun 02 04:42:22 2014 HOUSTON [...] cpan.org - Correspondence added 30 min
You're most welcome. If you have any other suggestions or spot other bugs please continue to report them here. All the best, Pete
  Mon Jun 02 04:42:23 2014 HOUSTON [...] cpan.org - Status changed from 'open' to 'resolved'
  Mon Jun 02 04:42:24 2014 HOUSTON [...] cpan.org - Fixed in 2.03 added