
DrZed
User
Jun 16, 2000, 9:53 AM
Post #1 of 1
(5621 views)
|
Cookies and encoding reserved characters.
|
Can't Post
|
|
Ok, I'm trying to understand the format of cookies. From what I understand, writing a cookie in an HTTP header takes the following format: Set-Cookie: name=value; And the header can also include the following: expires, path, domain, secure. Anyway, certain characters are not allowed in the name and value and therefore they must be encoded. My main question is, what characters are not allowed? My current conclusion is: space, semicolon, comma and equal sign. I understand the need to reserve the space, semicolon and equal sign, but I don't understand the need for the comma. Am I incorrect about the comma, or is there a reason for it? Is it possible to write more than one cookie without each having it's own Set-Cookie line? This is the only thing I could think of a comma being used for (e.g. n=v, n=v, n=v . Also, it seems that the common convention for encoding these character is to convert them to a hash (%) followed by a double-digit hexidecimal ascii value. This also requires that the hash (%) be converted. Finally, it seems that there is a convention to encode spaces as plus signs rather than as %20's, which requires that plus signs be a reserved character. So, in summary: - Are there any reserved characters that I'm missing? - Is the comma a reserved characters and if so, why? - Can more than one name/value pair be included on a single line? Thanks for any response, Dr. Zed
|