W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 1997

Re: an (unofficial) cookie draft

From: David W. Morris <dwm@xpasc.com>
Date: Tue, 29 Jul 1997 00:12:30 -0700 (PDT)
To: Dave Kristol <dmk@research.bell-labs.com>
Cc: http-state@lists.research.bell-labs.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.GSO.3.96.970729000217.24439F-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/3973

On Fri, 25 Jul 1997, Dave Kristol wrote:

> Major changes since state-man-mec-02:
> 	- add a $Port attribute to Cookie.  (I spontaneously added this
> 		when I realized it was needed for consistency with the
> 		$Path and $Domain.)

I think your words (on page 7 of the .ps chgbar version) aren't quite
right ...  the port attribute on the setcookie can have three states:

         not specified

It isn't clear to me that your words allow for the 2nd case since 
there is no value for the attribute.   (Did the $ get dropped from
the text in my postscript version?)  Anyway how about:

    The $port attribute must match the port attribute specified on the
    corresponding set-cookie2 header. That is, if port was omitted
    from the set-cookie2 response, $port must be omitted from the
    cookie: request header otherwise $port must be specified without
    a value if the set-cookie2 port attribute was specified without
    a value or $port must be specified with the same value specified
    for the port attribute.

As I've stated previously, I continue to oppose the provisions in
section 10.1 which require the combination of values between the
set-cookie and set-cookie2 header fields.

Dave Morris
Received on Tuesday, 29 July 1997 00:14:36 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:03 UTC