Question

Can someone please point me to the Firefox source code where the Set-Cookie header is parsed? I want to understand the exact behavior.

Read further if you want to know why. Due to various constraints in my application, I need to pass multiple cookies inside a single Set-Cookie header. RFC-2109 clearly mentions:

"Set-Cookie response header comprises the token Set-Cookie:, followed by a comma-separated list of one or more cookies. Each cookie begins with a NAME=VALUE pair, followed by zero or more semi-colon-separated attribute-value pairs."

So I should be able to pass the following Set-Cookie header:

Set-Cookie: name1=value1; attr11=attrval11; attr12=attrval12,name2=value2; attr21=attrval21; attr22=attrval22;

It doesn't work. However, the following does work:

Set-Cookie: name1=value1, name2=value2; attr1=attrval1; attr2=attrval2;

And, I want to give different attributes for different cookies.

[Update]

Real Examples:

Example#1-

Set-Cookie: cookie1=value1; Path=/,cookie2=value2; Path=/

In this case Firefox parses and gets the first cookie (whose name is "cookie1" and value is "value1") out of it (the second one is completely ignored).

Example#2-

Set-Cookie: cookie1=value1,cookie2=value2; Path=/

In this case Firefox believes there is one cookie whose name is "cookie1" and value is "value1,cookie2=value2". This, again, is not what was intended.


Solution

A quick walk through MXR indicates the main logic is in nsCookieService::SetCookieInternal. You can follow the links back and forth as needed. As far as your actual problem goes, it may help if you give a real example header.

OTHER TIPS

My understanding is that browsers implement the standard somewhat differently with respect to multiple cookies per Set-Cookie header. However, you can send multiple Set-Cookie headers to set the value of multiple cookies:

Set-Cookie: name1=value1; attr11=attrval11; attr12=attrval12
Set-Cookie: name2=value2; attr21=attrval21; attr22=attrval22

Although, is there any reason why you're manually adding headers to the response instead of using whatever your framework (PHP, ASP.NET, RoR, etc.) provides?
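
Why the comma-joined headers in the question collapse into one cookie, and the one-header-per-cookie form suggested above, as an added example that is not part of the original answers and is not Firefox's code. The parser is a simplified model of the splitting rules in RFC 6265 section 5.2 (first ';' ends the pair, first '=' ends the name); `parseSetCookie` and `buildSetCookieHeaders` are hypothetical names.

```javascript
// Added example. Simplified parser modelled on RFC 6265 section 5.2;
// it is not Firefox's nsCookieService code, and both function names are hypothetical.
function parseSetCookie(headerValue) {
  // Text before the first ';' is the name=value pair. A ',' is not a separator.
  const parts = headerValue.split(';');
  const pair = parts.shift();
  const eq = pair.indexOf('=');
  const name = eq === -1 ? '' : pair.slice(0, eq).trim();
  if (name === '') return null; // no usable name: the whole header is ignored
  const cookie = { name, value: pair.slice(eq + 1).trim(), attrs: {} };
  for (const part of parts) {
    if (part.trim() === '') continue; // trailing ';'
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i === -1 ? '' : part.slice(i + 1).trim(); // last one wins
  }
  return cookie;
}

// Server side: one Set-Cookie line per cookie, refusing characters that would
// change how the line is split (';' and ',' in name/value, CR/LF anywhere).
function buildSetCookieHeaders(cookies) {
  return cookies.map(({ name, value, attrs = {} }) => {
    if (!name || /[\s;,=]/.test(name) || /[\s;,]/.test(value)) {
      throw new Error(`illegal character in cookie ${JSON.stringify(name)}`);
    }
    const attrList = Object.entries(attrs).map(([k, v]) => {
      if (/[\r\n;]/.test(`${k}${v}`)) throw new Error(`illegal character in attribute ${k}`);
      return v === true ? k : `${k}=${v}`; // true marks a flag attribute
    });
    return `Set-Cookie: ${[`${name}=${value}`, ...attrList].join('; ')}`;
  });
}

// The two header values from the question (Example#1 and Example#2 on this page).
const example1 = 'cookie1=value1; Path=/,cookie2=value2; Path=/';
const example2 = 'cookie1=value1,cookie2=value2; Path=/';
console.log(parseSetCookie(example1)); // cookie2 is swallowed by the first Path value
console.log(parseSetCookie(example2)); // the value absorbs ",cookie2=value2"
console.log(buildSetCookieHeaders([
  { name: 'cookie1', value: 'value1', attrs: { Path: '/' } },
  { name: 'cookie2', value: 'value2', attrs: { Path: '/' } },
]).join('\n'));
```
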

Well, reading the source code, it's clear that Firefox doesn't implement RFC-2109 in this regard and uses CR or LF instead of ',' as the cookie separator (notice lines #1934, 1959, 1990 in http://mxr.mozilla.org/mozilla-central/source/netwerk/cookie/nsCookieService.cpp). I tried both on Firefox v3.6.6; CR is working but LF is not.

Conclusion: on Firefox, I can use CR instead of ',' to separate cookies.

Glitch: None of (CR, LF, ',') are working on Internet Explorer. Now can someone point me to the "source" code for IE where I can see what they're using as the cookie separator :-)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow