rfc2109 (aka cookies1) is a package for dealing with cookies in an RFC-compliant way. This is often needed with Web programming.

License: BSD 3-Clause

Repository: https://gitlab.common-lisp.net/rfc2109/rfc2109

Usage summary:

(cookie1:cookie-string "mycookie" "42" :max-age (* 6 24 60 60)) (cookie1:parse-cookies "thisis=\"an old netscape cookie\"") (cookie1:parse-cookies "$Version=1;thisis=\"An RFC 2109-style cookie\";domain=\"fake.domain.name\"")

An araneida example is here: http://paste.lisp.org/display/10504

It parses old netscape cookies as well as RFC 2109 cookies.

- Alan Shields

The function cookie-string in this package does not accept a value of zero, even though RFC2109 says it should. Is this a bug or a feature?

After receiving no reply from Alan, I'm putting up a separate darcs repo that adds two things to the official one:

  • Allow zero max-age to allow expiring a cookie.
  • Add Netscape's "Expires" attribute which some browsers require for setting a persistent cookie.
  • Support parsing cookie values that contain equals signs ('='). Though against the spec, these exist in the wild, used in e.g. Google AdSense/Analytics.

There are no other changes. Ideally these changes would be merged to the main tree.

Sasha Kovar