W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Should server beable to say NoCookie, No Show?

From: Koen Holtman <koen@win.tue.nl>
Date: Tue, 25 Mar 1997 22:49:18 +0100 (MET)
Message-Id: <199703252149.WAA14815@wsooti08.win.tue.nl>
To: "David W. Morris" <dwm@xpasc.com>
Cc: http-wg@cuckoo.hpl.hp.com
David W. Morris:
[...]
>Symetry would suggest that since we encourage/allow a UA to discard a
>cookie under the user's discretion, we should have an optional attribute
>which allows the server to stipulate one of the following:
>
>  a.  Dont show the page if the user rejects the cookie
>  b.  Warn the user that if the cookie isn't accepted, the application
[...]

Servers can already do this under the existing spec.  It is relatively easy
to build a `cookie-enabledness' detector by using redirection.

So I see no need to burden the protocol with yet another extension: this can
be solved with some clever CGI scripting.

The same goes for the CommentURL proposal that had been floating around in
another thread.  I don't think servers need hard-to-implement protocol
extensions if they want to tell their users about their privacy policy.  Why
not just put a link to your privacy policy on your company home page?

>Dave Morris

Koen.
Received on Tuesday, 25 March 1997 13:55:08 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:33 EDT