- From: Shel Kaphan <sjk@amazon.com>
- Date: Sun, 10 Aug 1997 15:54:17 -0700 (PDT)
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Fact: some people hate cookies. They keep telling their browsers not to accept them. A simple-minded way to write some kinds of server-side applications is to make sure a browser has a cookie by re-issuing it under certain conditions, such as not receiving a cookie header in the request. It's annoying to have to have server side state to indicate whether you think you've already sent someone a cookie, in order to avoid annoying a user who may be deliberately rejecting cookies. Shouldn't there be something in the cookie-related part of the protocol so a client can tell a server not to send a certain cookie? It would be nice if it could specified at the level of a particular cookie, so a user could be particular about which ones to accept and reject. Then, if a user told a browser not to accept a cookie, the browser could include a header line on subsequent requests whose meaning would be something like "Hey! Remember that cookie you tried to send me? Well, don't!" I'm not proposing a specific implementation - just wondering if there's any reaction here to such a thought.
Received on Sunday, 10 August 1997 15:55:12 UTC