Cookie encoding inconsistency
|Reported by:||kirpit||Owned by:||nobody|
|Severity:||Release blocker||Keywords:||cookie, encoding|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Django is encoding cookie values and if, only if any of its value is encoded, wrapping the entire value within double quotes.
django/http/__init__.py starts from the line #84 (for 1.4.3):
# If encoded now contains any quoted chars, we need double quotes # around the whole string. if "\\" in encoded and not encoded.startswith('"'): encoded = '"' + encoded + '"'
That means, the value hello will be stored as hello but hello world will be stored as "hello world".
If you use jquery.cookie with its default values ($.cookie.raw = false; and $.cookie.json = false;) you get the server-side set value with double quotes around it (as in var value = '"hello world"';)
If you use it with $.cookie.json = true;, you get the double quoted values fine (as in var value = "hello world";) but you get syntax error (for hello) because it is trying JSON.parse('hello'), which is not a valid JSON string.