Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2

David W. Morris wrote:
> I fail to understand the rationale behind what to me is the most complex
> section in the whole document.  Why are we requiring UAs to combine
> the two headers?
> I think there is no siginificant loss of functionality if this whole
> section is dropped along with the forward reference in the previous
> section.  Simply require the server to send both with appropriate
> attributes. If the UA understands both forms, it MUST send the new form
> and it must replace an existing matching form 1 with the new form.
> Otherwise the UA doesn't understand both and sends the old form.

This issue has been discussed (but perhaps privately?)

The complaint from some parties was that the NAME=VALUE part of cookies, in
particular, can be (and already is) quite large.  So sending it twice, once
in Set-Cookie and once in Set-Cookie2 would incur a lot of network traffic.

I agree that sending a completely separate Set-Cookie2 header with its own
set of values would be much simpler.  But the network traffic that results
was deemed excessive.

Dave Kristol

Received on Tuesday, 25 March 1997 06:49:42 UTC