W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

Re: Proposal: Cookie Priorities

From: Adam Barth <w3c@adambarth.com>
Date: Mon, 7 Mar 2016 09:13:32 -0800
Message-ID: <CADBiRd0n97NbiFa6RH4=FF13XjyaqEDF6hR897AN0sOUDkaNtg@mail.gmail.com>
To: Daniel Stenberg <daniel@haxx.se>
Cc: Mike West <mkwst@google.com>, HTTP Working Group <ietf-http-wg@w3.org>, Samuel Huang <huangs@google.com>, Mark Nottingham <mnot@mnot.net>
On Mon, Mar 7, 2016 at 4:37 AM, Daniel Stenberg <daniel@haxx.se> wrote:

> On Mon, 7 Mar 2016, Mike West wrote:
>
> I'm confused. Are there clients that process things in the reverse order
>> from what RFC6265 lays out?
>>
>
> I'm sure there are several. The curl one just happens to be the one I know
> the best.
>
> I mean, according to the algorithm I quoted in the previous response,
>> `Priority=Low; favcolor=blue` _is_ a cookie named `Priority`. Just like
>> `Max-Age=1; favcolor=blue` is a cookie named `Max-Age` today. I think
>> that's the way browsers process cookies today. Does `curl` do things
>> differently?
>>
>
> It does! It basically detects a set of names used for properties and
> treats the first unknown name value pair on the header as the cookie name,
> in a left-to-right order on the header.
>
> (I'm not suggesting it is a "proper" or "good" implementation, just that
> it works with the vast majority of sites using cookies and it was written
> long before we created RFC 6265 and I guess nobody felt the need to update
> it since to that aspect.)


It might be worth improving the libcurl implementation to match RFC6265.
The vast majority of user agents using the parsing approach described in
RFC6265.  Having a hard-coded list of attribute names makes it (even more)
difficult to extend and improve cookies over time.  Regardless of what you
think of this particular extension, I think most people would agree that
extensibility in protocols is valuable.

Adam
Received on Monday, 7 March 2016 17:14:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:11 UTC