Hi there,
I realized today that rails does some automatic (url?) decoding of
cookie values.
I assume it is because if you set a cookie, the value is also url
encoded.
The problem is that the cookie specification does not seem to specify
the need of encoding.
Thus, if an external application sets a cookie (e.g. a domain cookie
where apps are on multiple subdomains)
it can happen that it is decoded although it was not encoded.
A simple example is that a non-encoded cookie containing “a+b” results
in the ruby string “a b” when accessed
in Rails.
I wanted to ask if anyone knows any details about this behavior or if
it is possible to access the raw string?
Thanks a lot,
Christoph