Opened 10 years ago

Closed 10 years ago

#19641 closed Bug (invalid)

Cookie encoding inconsistency

Reported by: kirpit Owned by: nobody
Component: HTTP handling Version: 1.4
Severity: Release blocker Keywords: cookie, encoding
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


Django is encoding cookie values and if, only if any of its value is encoded, wrapping the entire value within double quotes.

django/http/ starts from the line #84 (for 1.4.3):

# If encoded now contains any quoted chars, we need double quotes
# around the whole string.
if "\\" in encoded and not encoded.startswith('"'):
  encoded = '"' + encoded + '"'

That means, the value hello will be stored as hello but hello world will be stored as "hello world".

I believe this is totally inconsistent and difficult to handle from client side. For example, you simply cannot use jquery.cookie to get the exact value without writing some double quotes checking javascript code.

If you use jquery.cookie with its default values ($.cookie.raw = false; and $.cookie.json = false;) you get the server-side set value with double quotes around it (as in var value = '"hello world"';)

If you use it with $.cookie.json = true;, you get the double quoted values fine (as in var value = "hello world";) but you get syntax error (for hello) because it is trying JSON.parse('hello'), which is not a valid JSON string.

Change History (1)

comment:1 Changed 10 years ago by Ramiro Morales

Resolution: invalid
Status: newclosed

Actually, This seems to be a problem of that jquery.cookie library you are using:

Note: See TracTickets for help on using tickets.
Back to Top