W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

a positive "no thanks" to cookies?

From: Shel Kaphan <sjk@amazon.com>
Date: Sun, 10 Aug 1997 15:54:17 -0700 (PDT)
Message-Id: <199708102254.PAA00711@recife.amazon.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com

Fact: some people hate cookies.  They keep telling their browsers not to
accept them.  

A simple-minded way to write some kinds of server-side applications is
to make sure a browser has a cookie by re-issuing it under certain
conditions, such as not receiving a cookie header in the request.
It's annoying to have to have server side state to indicate whether
you think you've already sent someone a cookie, in order to avoid
annoying a user who may be deliberately rejecting cookies.

Shouldn't there be something in the cookie-related part of the protocol
so a client can tell a server not to send a certain cookie?  It would
be nice if it could specified at the level of a particular cookie, so
a user could be particular about which ones to accept and reject.

Then, if a user told a browser not to accept a cookie, the browser
could include a header line on subsequent requests whose meaning would
be something like "Hey! Remember that cookie you tried to send me?
Well, don't!"

I'm not proposing a specific implementation - just wondering if
there's any reaction here to such a thought.
Received on Sunday, 10 August 1997 15:55:12 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:51 EDT