Closed seanmcoleman closed 7 years ago
carcamano
commented
7 years ago Hi @seanmcoleman,
I understand you problem here.. But I can't see a nice way to solve it. We decide to encode our Cookies allowing users to store almost anything on this resource.
Do you have any suggestion here?
Ty
Bigous
commented
7 years ago One way to solve it could be exporting another object (a UnmanagedCookieService and UnmanagedCookie) that does the same, but does no transformation or treatment neither in cookie name nor cookie value...
This way users can choose when to have a safer cookie, or, in cases like @seanmcoleman's, where he doesn't have control over part of the system, he deals with the pure cookie name and value and it's pitfalls (setting values or names with semicolon for example).
What do you think?
seanmcoleman
commented
7 years ago @carcamano I think encoding the cookie value is still appropriate and a nice feature, but encoding the cookie name doesn't feel necessary. Some values would need to be encoded like ; but not all invalid URI characters (only the cookie value needs that).
A big concern is backwards compatibility as removing encoding on cookie names will break the link with existing encoded cookies. I think @Bigous idea is a great approach.
carcamano
commented
7 years ago Hi @seanmcoleman ,
I published a new version of ng2-cookies and now you can try to use UnmanagedCookie or UnmanagedCookieService.
Let me know if it's working as your request.
Ty
Cookie names are encoded using
encodeURIComponentmaking it impossible to set a valid cookie name with certain characters, specifically#. This is important when writing code to set cookie names matching unchangeable legacy systems and established system standards.