W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

Re: a positive "no thanks" to cookies?

From: Ben Laurie <ben@algroup.co.uk>
Date: Mon, 11 Aug 1997 08:50:53 +0100
Message-Id: <33EEC45D.DB5E1881@algroup.co.uk>
To: Shel Kaphan <sjk@amazon.com>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Shel Kaphan wrote:
> 
> Fact: some people hate cookies.  They keep telling their browsers not to
> accept them.
> 
> A simple-minded way to write some kinds of server-side applications is
> to make sure a browser has a cookie by re-issuing it under certain
> conditions, such as not receiving a cookie header in the request.
> It's annoying to have to have server side state to indicate whether
> you think you've already sent someone a cookie, in order to avoid
> annoying a user who may be deliberately rejecting cookies.
> 
> Shouldn't there be something in the cookie-related part of the protocol
> so a client can tell a server not to send a certain cookie?  It would
> be nice if it could specified at the level of a particular cookie, so
> a user could be particular about which ones to accept and reject.
> 
> Then, if a user told a browser not to accept a cookie, the browser
> could include a header line on subsequent requests whose meaning would
> be something like "Hey! Remember that cookie you tried to send me?
> Well, don't!"
> 
> I'm not proposing a specific implementation - just wondering if
> there's any reaction here to such a thought.

Isn't this rather self-defeating? This mechanism could then be used
instead of the cookie.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 994 6435|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 994 6472|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache
Received on Monday, 11 August 1997 00:53:41 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:51 EDT