diff options
| -rw-r--r-- | docs/news.txt | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/news.txt b/docs/news.txt index 0f9ca63..edcdf9f 100644 --- a/docs/news.txt +++ b/docs/news.txt @@ -12,6 +12,20 @@ Backwards Incompatibilities be issued, in the future this will raise a ``ValueError``, please update your cookie handling code. See https://github.com/Pylons/webob/pull/172 + The cookie-octet specification in RFC6265 states the following characters are + valid in a cookie value: + + Hex Range Actual Characters + --------- ----------------- + [0x21 ] ! + [0x25-0x2B] #$%&'()*+ + [0x2D-0x3A] -./0123456789: + [0x3C-0x5B] <=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[ + [0x5D-0x7E] ]^_`abcdefghijklmnopqrstuvwxyz{|}~ + + RFC6265 suggests using base 64 to serialize data before storing data in a + cookie. + - ``response.set_cookie`` now uses the internal ``make_cookie`` API, which will issue warnings if cookies are set with invalid bytes. See https://github.com/Pylons/webob/pull/172 |