Hi Folks, At the moment, if my cookie value contains = or ; I have take care to escape them myself - e.g. set_cookie 'msg' => 'Hello;World' just emits Set-Cookie: msg=Hello;World; path=/; HttpOnly The browser of course ignores World and I get just msg=Hello as the cookie. 1. Shouldn't set_cookie be URI encoding the value automatically? 2. It'll also be nice if the value of the cookie could be a hash reference which I could serialize/deserialize from the cookie - or do you think this really belongs to Dancer::Session::Cookie? Thanks, Deepak
I think Dancer has to take care of escaping here. There is no reason the user should think about it. Just my opinion.
Le 05/01/2011 17:03, sawyer x a écrit :
I think Dancer has to take care of escaping here. There is no reason the user should think about it.
Just my opinion.
I agree with SawyerX, a report on the issue tracker is welcome ;) -- Alexis Sukrieh
Done: https://github.com/sukria/Dancer/issues/#issue/248 Also, should I file a separate issue about my second point? Right now set_cookie allows me to just set a single name value pair. It'd be extremely convenient if it could take a hash reference or array as a second value and do something with it. Right now passing a hash ref, just causes it to set HASH0x.. as the cookie's value. e.g. In Catalyst, I can write code like: $c->response->cookies->{oauth} = { value => { token => $nt->request_token, token_secret => $nt->request_token_secret, }, }; Thanks, Deepak On Wed, Jan 5, 2011 at 9:36 PM, Alexis Sukrieh <sukria@sukria.net> wrote:
Le 05/01/2011 17:03, sawyer x a écrit :
I think Dancer has to take care of escaping here. There is no reason the user should think about it.
Just my opinion.
I agree with SawyerX, a report on the issue tracker is welcome ;)
-- Alexis Sukrieh _______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
On Wednesday 05 January 2011 17:06:23 Deepak Gulati wrote:
Nice one :)
Also, should I file a separate issue about my second point? Right now set_cookie allows me to just set a single name value pair. It'd be extremely convenient if it could take a hash reference or array as a second value and do something with it. Right now passing a hash ref, just causes it to set HASH0x.. as the cookie's value.
e.g. In Catalyst, I can write code like:
$c->response->cookies->{oauth} = { value => { token => $nt->request_token, token_secret => $nt->request_token_secret, }, };
Yes, I'd say raise that as a second issue, please. The first issue you've raised is for an immediate bug which needs fixing. The second is a feature request - automatic serialisation of references passed to set_cookie. It's certainly a good idea and something I'd like to see. (Personally I store everything in a session, with cookies being used only for the session ID, but there are cases where just shoving a hashref of a few settings into a cookie would be beneficial.) I don't know if we should just turn it straight into JSON, or what. Some consideration should probably be given to ensuring that the serialised result doesn't exceed a sensible size. If we auto-serialise it, then when a request is processed, any serialised cookie values should be deserialised, so you end up with pretty much what you passed to set_cookie before. Cheers Dave P -- David Precious <davidp@preshweb.co.uk> http://blog.preshweb.co.uk/ www.preshweb.co.uk/twitter www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook www.preshweb.co.uk/identica www.lyricsbadger.co.uk "Programming is like sex. One mistake and you have to support it for the rest of your life". (Michael Sinz)
participants (4)
-
Alexis Sukrieh -
David Precious -
Deepak Gulati -
sawyer x