Skip to content

A valid Expires= part of Set-Cookie header is not recognized #314

New issue
New issue
Closed
#315
Closed
A valid Expires= part of Set-Cookie header is not recognized#314
#315
Assignees
artemredkin
Milestone
1.2.2
@vlm

Description

@vlm
vlm
opened on Nov 5, 2020

The https://tools.ietf.org/html/rfc2616#section-3.3.1 specifies the Sunday, 06-Nov-94 08:49:37 GMT as a valid date format.

The https://tools.ietf.org/html/rfc6265#section-5.1.1 reinforces that.

The sane-cookie-date non-terminal in https://tools.ietf.org/html/rfc6265#section-4.1.1 reinforces that.

However, the parser only recognizes the Sun, 06 Nov 1994 08:49:37 GMT variant of the Expires= token, effectively not restricting validity of the cookie header.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions