#9824: encode , and ; in cookie values so that browsers don't split on them
There is a small chance of backward incompatibility here, but only for
non-SimpleCookie applications reading SimpleCookie generated cookies. Even
then, any such ap is likely to be handling escaped values already, and it would
take a fairly perverse implementation of unescaping to fail to unescape these
newly escaped chars, so the risk seems minimal.
diff --git a/Misc/NEWS b/Misc/NEWS
index f69abcf..8eec18e 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -20,6 +20,9 @@
Library
-------
+- Issue 9824: SimpleCookie now encodes , and ; in values to cater to how
+ browsers actually parse cookies.
+
- Issue 9333: os.symlink now available regardless of user privileges.
The function now raises OSError on Windows >=6.0 when the user is unable
to create symbolic links. XP and 2003 still raise NotImplementedError.