- From: Koen Holtman <koen@win.tue.nl>
- Date: Tue, 25 Mar 1997 22:49:18 +0100 (MET)
- To: "David W. Morris" <dwm@xpasc.com>
- Cc: http-wg@cuckoo.hpl.hp.com
David W. Morris: [...] >Symetry would suggest that since we encourage/allow a UA to discard a >cookie under the user's discretion, we should have an optional attribute >which allows the server to stipulate one of the following: > > a. Dont show the page if the user rejects the cookie > b. Warn the user that if the cookie isn't accepted, the application [...] Servers can already do this under the existing spec. It is relatively easy to build a `cookie-enabledness' detector by using redirection. So I see no need to burden the protocol with yet another extension: this can be solved with some clever CGI scripting. The same goes for the CommentURL proposal that had been floating around in another thread. I don't think servers need hard-to-implement protocol extensions if they want to tell their users about their privacy policy. Why not just put a link to your privacy policy on your company home page? >Dave Morris Koen.
Received on Tuesday, 25 March 1997 13:55:08 UTC