- From: David W. Morris <dwm@xpasc.com>
- Date: Tue, 29 Jul 1997 09:41:08 -0700 (PDT)
- To: Foteos Macrides <MACRIDES@sci.wfbr.edu>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, http-state@lists.research.bell-labs.com
On Tue, 29 Jul 1997, David W. Morris wrote: > > On Tue, 29 Jul 1997, Foteos Macrides wrote: > > > dmk@research.bell-labs.com (Dave Kristol) wrote: > > >Simpler still, a UA that supports new-style cookies should be sending > > > Cookie: $Version=0 > > >followed by other cookie values. If the server understands new-style > > >cookies, it could respond to further requests with Set-Cookie2. > > > > I just tried sending Cookie: $Version=0; realcookie=realvalue > > for: > > > > Linkname: HTML Form-Testing Home Page > > URL: http://www.research.digital.com/nsl/formtest/home.html > > > > and got back: > > Form Test Results for General1 > > > > Test results: > > * NetscapeCookie - Bad HTTP Cookie value: $Version=0; COOKIE=testvalue > > [...] > > > What if the client sends the $version= by itself? It is legal to send > multiple cookie headers and while folding is possible in theory, I'd > guess it doesn't happen much in practice, but could be wrong, and the > folding wouldn't be applied to an unknown header field name... Anyway, getting rejected by a verification site probably isn't a problem? Dave Morris
Received on Tuesday, 29 July 1997 09:43:17 UTC