ZF-6675: Automatic cookie concatenation (urlencoding) problem


when sending cookies or setting the cookie jar along with existing cookies, while making a request through the http client, by default, url encodes the cookie value. this is done while returning all the cookies in the cookie jar when finally calling the cookie::__toString() method.

some applications including proprietary web applications, accept and compare cookies as it is set and sent back to the server (raw). so while making requests with the http client, the cookie header values being url encoded raises an issue here, simply because a raw value and a urlencoded value will not match. this happens when the cookie value contains literal characters such as *#$%<>, etc.

there could be 4 possibilities to fix this issue.

  1. to disable url encoding altogether when concat returning the cookie using __toString().
  2. by allowing an additional optional parameter to be set while setting the cookiejar with the http client that acts as a flag, to disable url encoding.
  3. by allowing an additional optional parameter while making the request().
  4. by setting a http client config parameter. eg: disablecookieurlencoding.


Zend_Http_Client has a configuration parameter for 'encodecookies' - if set to false, then no encoding is done. The encodecookies value is passed into Zend_Http_Cookie::fromString("key=value", $uri, $encodecookies) when Zend_Http_Client's setCookie() is called.

(To me this implies there is a solution for this ticket, and it can be closed?)

Shall test and revert.