Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Default cookie name doesn't satisfy RFC6265
See original GitHub issueThe default cookie name koa:sess contains :, which is not a valid token character in accordance with RFC6265 and RFC2616. Although most web browsers and servers allow this, it causes problems in some more strict environment such as spray.
Would you consider remaining it? If so, should we take backward compatibility into account?
Issue Analytics
- State:
- Created 9 years ago
- Comments:5 (4 by maintainers)
Top Results From Across the Web
Cookies: HTTP State Management Mechanism
This document defines the HTTP Cookie and Set-Cookie header fields. These header fields can be used by HTTP servers to store state (called ......
Read more >What are allowed characters in cookies? - Stack Overflow
According to the ancient Netscape cookie_spec the entire NAME=VALUE string is: a sequence of characters excluding semi-colon, ...
Read more >Cookies, document.cookie - The Modern JavaScript Tutorial
Cookies are small strings of data that are stored directly in the browser. They are a part of the HTTP protocol, defined by...
Read more >RFC 6265: HTTP State Management Mechanism
1. The Expires Attribute If the attribute-name case-insensitively matches the string "Expires", the user agent MUST process the cookie-av as follows. · 2....
Read more >The VCL Cookie Monster - Fastly
X-First-CookieName; } sub vcl_fetch { unset beresp.http. ... The default VCL is usually placed in /etc/varnish/default.vcl , and you should ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Hi, any updates on this ?
I’m building a server that communicates with a Dart application, with session handling via cookies. Dart validates the cookie names against the RFC, and thus throws an error while parsing a
koa:sesscookie.For now I’ve simply changed the name manually, but I think it would be great to have a default cookie name that doesn’t break the RFC.
@Oursin #197 fixes this.