Re: cookies: 2/4 headers?

At 9:01 PM +0100 3/1/97, Koen Holtman wrote:
>[...]
>>I've spent some time this afternoon trying to work through the cookie
>>spec to change over to a new header (Set-Cookie2).  I'd like to remove
>>two warts in the syntax for the Cookie header:
>
>I'd prefer it if you do not make any cosmetic changes to the syntax of
>the Cookie header at this point.
>
>Also, I prefer not to have a Cookie2 header.  You can be compatible
>with old servers even if you do not have it.

You can, but it is much messier, I think.
>
>I think the following compatibility scheme is optimal.
>[cases omitted]

The messy part is for a SMG ("new cookie") aware server to distinguish an
old from a new cookie, and it must be able to do so, because it doesn't
know, a priori, what the user agent is going to do when it (UA) gets both
Set-Cookie and Set-Cookie2.  Making it possible to distinguish the
responses imposes some warts on the server-side processing.  If there were
a Cookie2 header, it becomes trivially easy to tell them apart, and the
specification for Cookie2 can be much cleaner.

Dave Kristol

Received on Saturday, 1 March 1997 15:03:16 UTC