-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[rfc] Making HTTP::Cookie fully? comply with RFC 6265. #5033
Comments
Maybe we can use |
I was going to make a separate issue, but seeing as this is here already I'll just add to it. It seems as though
|
@watzon this is a separate issue, please make a new issue or PR. Numbers greater than |
Edited for correctness.
It is possible the below isn't needed, if we aren't trying to support Internet Explorer as a client to a Crystal server.
Looking at HTTP::cookie (in the latest Crystal revision), we aren't complying with RFC 6265 as regards
max-age
andexpires
.See:
https://tools.ietf.org/html/rfc6265#section-4.1.2.2
https://tools.ietf.org/html/rfc6265#section-5.2.2
max_age
andexpires
values should both be modifiable so that exact cookies can be created as desired.I've got a PR I'm working on to do the following:
expires
header value.Issues:
expires
value, not the actual expiration time (which can be dependent on max-age if provided). I don't have a suitable name to replace this method with. In other words, I need a method name for a method to give the calculated expiration time for a cookie.Thoughts would be appreciated.
The text was updated successfully, but these errors were encountered: