W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 1997

a positive "no thanks" to cookies?

From: Shel Kaphan <sjk@amazon.com>
Date: Sun, 10 Aug 1997 15:54:17 -0700 (PDT)
Message-Id: <199708102254.PAA00711@recife.amazon.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/4149

Fact: some people hate cookies.  They keep telling their browsers not to
accept them.  

A simple-minded way to write some kinds of server-side applications is
to make sure a browser has a cookie by re-issuing it under certain
conditions, such as not receiving a cookie header in the request.
It's annoying to have to have server side state to indicate whether
you think you've already sent someone a cookie, in order to avoid
annoying a user who may be deliberately rejecting cookies.

Shouldn't there be something in the cookie-related part of the protocol
so a client can tell a server not to send a certain cookie?  It would
be nice if it could specified at the level of a particular cookie, so
a user could be particular about which ones to accept and reject.

Then, if a user told a browser not to accept a cookie, the browser
could include a header line on subsequent requests whose meaning would
be something like "Hey! Remember that cookie you tried to send me?
Well, don't!"

I'm not proposing a specific implementation - just wondering if
there's any reaction here to such a thought.
Received on Sunday, 10 August 1997 15:55:12 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:03 UTC