id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
36467	Remove leading whitespace in value of Set-Cookie header in wsgi handler	Lukas Komischke	Lukas Komischke	"Currently, response headers in handlers/wsgi.py are generated with their value component starting with a whitespace character.

Although these whitespaces should be cleaned up by clients, if I understand RFC 6265 correctly, this causes an issue when using ''tornado'' > 6.5.0, as they have implemented stricter checks for headers:

{{{
tornado.httputil.HTTPInputError: Invalid header value ' csrftoken=7pFTUEBo24KFj9cKhWfeuTPSXmWYmYuQ; expires=Tue, 09 Jun 2026 14:27:44 GMT; Max-Age=31449600; Path=/; SameSite=Lax'
}}}

Django already properly strips those whitespaces in handlers/asgi.py, so I'd suggest also stripping them in handlers/wsgi.py in order to restore compatibility with ''tornado''."	Cleanup/optimization	closed	HTTP handling	dev	Normal	fixed			Ready for checkin	1	0	0	0	0	0