This will present itself in some server-side environments. The cookie set by the cookie extension creates a value that is not url-encoded. In my case, the cookie was submitted at the next server request, and mod_perl got very upset (though it was not asked to do anything with the cookie, just retrieving the cookie jar made it cry).
The workaround (and bug fix): in dhtmlx_cookie.js
var i=encodeURI(this.templates.xml_format(c||b))+"@"+(a||e);
and
d[0]=this.templates.xml_date(decodeURI(d[0]))
I tested the change and it seems to work like a charm!