Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(87)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/cookie_monster.cc

Issue 7155016: Remove out-of-date comments that refer to old cookie implementations and specs. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/cookie_monster.cc
===================================================================
--- net/base/cookie_monster.cc (revision 88927)
+++ net/base/cookie_monster.cc (working copy)
@@ -193,12 +193,6 @@
}
// Get the normalized domain specified in cookie line.
- // Note: The RFC says we can reject a cookie if the domain
- // attribute does not start with a dot. IE/FF/Safari however, allow a cookie
- // of the form domain=my.domain.com, treating it the same as
- // domain=.my.domain.com -- for compatibility we do the same here. Firefox
- // also treats domain=.....my.domain.com like domain=.my.domain.com, but
- // neither IE nor Safari do this, and we don't either.
url_canon::CanonHostInfo ignored;
std::string cookie_domain(CanonicalizeHost(domain_string, &ignored));
if (cookie_domain.empty())
@@ -1826,23 +1820,6 @@
// value_start should point at the first character of the value.
*value_start = *it;
- // It is unclear exactly how quoted string values should be handled.
- // Major browsers do different things, for example, Firefox supports
- // semicolons embedded in a quoted value, while IE does not. Looking at
- // the specs, RFC 2109 and 2965 allow for a quoted-string as the value.
- // However, these specs were apparently written after browsers had
- // implemented cookies, and they seem very distant from the reality of
- // what is actually implemented and used on the web. The original spec
- // from Netscape is possibly what is closest to the cookies used today.
- // This spec didn't have explicit support for double quoted strings, and
- // states that ; is not allowed as part of a value. We had originally
- // implement the Firefox behavior (A="B;C"; -> A="B;C";). However, since
- // there is no standard that makes sense, we decided to follow the behavior
- // of IE and Safari, which is closer to the original Netscape proposal.
- // This means that A="B;C" -> A="B;. This also makes the code much simpler
- // and reduces the possibility for invalid cookies, where other browsers
- // like Opera currently reject those invalid cookies (ex A="B" "C";).
-
// Just look for ';' to terminate ('=' allowed).
// We can hit the end, maybe they didn't terminate.
SeekTo(it, end, kValueSeparator);
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698