std lib cookies behavior around double quoted values | Deno | Page 1

ripe quail Feb 16, 2023, 11:44 PM

#

I notice that the Deno std library for cookies doesn't remove encapsulating double quotes, and I found other libraries that do (js-cookie). What kind of behavior do people expect for this?

https://httpwg.org/specs/rfc6265.html#sane-set-cookie

sturdy ridge Feb 17, 2023, 2:52 AM

#

I would open an issue on deno/std repo ¯_(ツ)_/¯

ripe quail Feb 17, 2023, 6:11 AM

#

sturdy ridge I would open an issue on `deno/std` repo ¯\_(ツ)_/¯

I'm not sure what behavior is desirable. Out of silly idleness I checked out various cookie libraries from different ecosystems, and I found inconsistency.

#

I also found that browsers do surprising things with cookies.

#

From a brief reading of the http 1.1 spec I kind of feel that the double quotes should be removed during reading of the cookie string

sturdy ridge Feb 17, 2023, 6:14 AM

#

the http specification is rather unclear about how to deal with a lot of things regarding cookies. I remember having a link to a github issue with probably hundreds of replies on a popular cookie library about how to deal with certain edgecases.

#

https://github.com/js-cookie/js-cookie/issues/595

GitHub

Cookie name with brackets · Issue #595 · js-cookie/js-cookie

Is your feature request related to a problem? Please describe. Because of escaping characters on the key, I can't able to add brackets in key without having escaped characters. js-cookie/sr...

#

found it while looking through my obsidian sync history

#

worth a read if you have free time

#

I think they even bring in the author of the spec at some point

#std lib cookies behavior around double quoted values