Unintended behavior change in 1.5.1 regarding cookies


Archiloque <code@...>
 

Hi,

in 1.5.1 I migrated the cookie parsing code to use the CGI method instead of custom code, goal was to fix an issue with the bonus of a simpler code.

But it introduced the unintended behavior of unescaping the cookies values, which was undetected until now. It may sound nicer to have escaped value but it means that it is no more possible to directly copy a response cookie into a new request (as we don't escape cookie value in the request side), so fo the next version we'll be back to the non-escaping behaviour (but without the initial bug).

Thanks to Lars Burgess for reporting the bug and helping me to reproduce it.

Regards

A.