- From: David W. Morris <dwm@xpasc.com>
- Date: Tue, 25 Mar 1997 12:19:03 -0800 (PST)
- To: Dave Kristol <dmk@bell-labs.com>
- Cc: http working group <http-wg@cuckoo.hpl.hp.com>
On Tue, 25 Mar 1997, Dave Kristol wrote: > David W. Morris wrote: > > > > section in the whole document. Why are we requiring UAs to combine > > the two headers? > > [...] > The complaint from some parties was that the NAME=VALUE part of cookies, in > particular, can be (and already is) quite large. So sending it twice, once > in Set-Cookie and once in Set-Cookie2 would incur a lot of network traffic. > > I agree that sending a completely separate Set-Cookie2 header with its own > set of values would be much simpler. But the network traffic that results > was deemed excessive. I think there are two alternative solutions to mitigate network traffic for that subset of cookie using application which need to update large pieces of data: a. Use out of band informantion such as the User Agent value to decide which cookie to send b. Minimize the number of times a cookie is set. Perhaps multiple cookies with only one needing upate. c. Restructure the application to maintain more state information in the server. d. Once the first cookie is received by the server, it is only necessary to send one of the two formats. I would speculate that some percentage of large cookie values are related to shopping basket usage and only get large in the course of multiple interactions. The combinatorial rules are difficult and must be implemented to some degree by both the server and the client. In addition, they are in support of a transition interval. I think they should be dropped in the interest of simplicity. Dave Morris
Received on Tuesday, 25 March 1997 12:21:50 UTC