W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

Re: Set-Cookie2: "additive" vs. "independent"

From: David W. Morris <dwm@xpasc.com>
Date: Tue, 29 Jul 1997 09:41:08 -0700 (PDT)
To: Foteos Macrides <MACRIDES@sci.wfbr.edu>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, http-state@lists.research.bell-labs.com
Message-Id: <Pine.GSO.3.96.970729093547.5628D-100000@shell1.aimnet.com>


On Tue, 29 Jul 1997, David W. Morris wrote:

> 
> On Tue, 29 Jul 1997, Foteos Macrides wrote:
> 
> > dmk@research.bell-labs.com (Dave Kristol) wrote:
> > >Simpler still, a UA that supports new-style cookies should be sending
> > >	Cookie: $Version=0
> > >followed by other cookie values.  If the server understands new-style
> > >cookies, it could respond to further requests with Set-Cookie2.
> > 
> > 	I just tried sending  Cookie: $Version=0; realcookie=realvalue
> > for:
> > 
> >    Linkname: HTML Form-Testing Home Page
> >         URL: http://www.research.digital.com/nsl/formtest/home.html
> > 
> > and got back:
> >                         Form Test Results for General1
> >                                        
> >    Test results:
> >      * NetscapeCookie - Bad HTTP Cookie value: $Version=0; COOKIE=testvalue
> > [...]
> 
> 
> What if the client sends the $version= by itself? It is legal to send
> multiple cookie headers and while folding is possible in theory, I'd
> guess it doesn't happen much in practice, but could be wrong, and the
> folding wouldn't be applied to an unknown header field name...

Anyway, getting rejected by a verification site probably isn't a problem?

Dave Morris
Received on Tuesday, 29 July 1997 09:43:17 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:49 EDT