Re: Apache and cookies

Rob Hartill wrote:
> 
> Koen Holtman wrote:
> >
> >
> >I recently started using the `show an alert before accepting a cookie'
> >option in NetScape 3.0, and found that many Apache servers on the net
> >wanted to send me a cookie.  I asked a local Apache (1.0.3) server
> >operator why his server was trying to tag a cookie on me (which is
> >considered extremely rude by Dutch standards).  He was not aware that
> >it did; he did not even know what a cookie was.
> >
> >Question: Does Apache send cookies in its default configuration?
> 
> No, but it's long been known that people have mistakenly included
> the mod_cookies *optional* module thinking that it enables cookie support
> in Apache. It doesn't (you don't need a module to do it). What this
> module does is enable a site to log a user's click path through a site.
> 
> People haven't bothered to check what the modules actually do, they
> make assumptions based on the names.

Also, I seem to recall that in 1.0.x the mere presence of mod_cookies turned
them on, without requiring a directive of any sort. I believe this is fixed in
1.2 and possibly also in 1.1.

Note that 1.2 is currently pre-beta.

Cheers,

Ben.

> 
> The module has been renamed for the next release.
> 
> -- 
> Rob Hartill (robh@imdb.com)    
> http://www.imdb.com/  ... why wait for a clear night to see the stars?.
> 

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.            Apache Group member (http://www.apache.org)

Received on Thursday, 26 September 1996 10:14:27 UTC