Issue #931 wontfix

CherryPy (3.1.2) chokes on invalid cookies

Anonymous created an issue

I asked one of our support staff to test out a CherryPy based web application at The application returned an HTTP 400 error code with the following message:

{{{ HTTPError(400, "Illegal cookie name __utmz") }}}

The __utmz cookie actually comes from a web site at, so it's completely outside of our control. I don't think CherryPy should be throwing an exception in this situation. I've simply removed the exception from my local copy of, but I'm not sure what the correct fix would be.

Reported by

Comments (7)

  1. Anonymous

    It's impossible to reproduce the error without actually knowing what is the value in the cookie. It could be illegal character, reserved key or value in the cookie that can possibly generate CookieError. I would recommend to close it as wont' fix.

  2. Log in to comment