W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Comments on the new cookie draft

From: Koen Holtman <koen@win.tue.nl>
Date: Fri, 21 Feb 1997 22:32:45 +0100 (MET)
Message-Id: <199702212132.WAA13944@wsooti08.win.tue.nl>
To: Dave Kristol <dmk@research.bell-labs.com>
Cc: yarong@microsoft.com, http-wg@cuckoo.hpl.hp.com
Dave Kristol:
>
>Yaron Goland <yarong@microsoft.com> wrote: 
>  > The new cookie draft's backwards compatibility mechanism depends upon
>  > the way that Netscape handles illegally formatted cookies, specifically
>  > cookies with multiple NAME=VALUE pairs (where I use NAME=VALUE as given
>  > >in http://home.netscape.com/newsref/std/cookie_spec.html). Netscape choose to
>
>I disagree that these are "illegally formatted cookies".

For the record, I agree with Yaron that these are indeed illegally formatted
cookies according to NS's original specification.  I too think that the
current errata are incorrect, and possibly insulting, in saying that `MSIE
sends back the wrong cookie name and value'.

[....]
>Almost a year ago we discussed introducing a new header for "new
>cookies" but decided against it.

As far as I recall, we thought at the time that we had a working
compatibility hack which allowed use of the old header.  We now know we were
wrong.  We tried to save some bytes where we couldn't.

I think there is nothing technically wrong with the Set-Cookie-V1
alternative to the current compatibility scheme.  Bytes saved are not that
big an issue here: you don't often need to set a cookie.  I see lots of
servers which send a Set-Cookie header much more often than they really have
to.

If server authors tell us that they prefer some form of Set-Cookie-V1 to the
current compatibility scheme, then I'd prefer to have Set-Cookie-V1, if it
can be had without horrible procedural side-effects.

>Dave Kristol

Koen.
Received on Friday, 21 February 1997 13:34:13 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:30 EDT