W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2008

Re: Set-Cookie vs list header parsing (i129), was: NEW ISSUE: repeating non-list-type-headers

From: Julian Reschke <julian.reschke@gmx.de>
Date: Fri, 15 Aug 2008 21:46:23 +0200
Message-ID: <48A5DD0F.3030402@gmx.de>
To: Dave Kristol <dmk-http@kristol.org>
CC: HTTP Working Group <ietf-http-wg@w3.org>

Dave Kristol wrote:
> Sounds good.
> Corrections:
> can occur multiple lines -> can occur multiple times
> line (see [Kri2001] for details). -> line.  (See [Kri2001] for details.)
> do not share this problem). -> do not share this problem.

OK. Proposed patch: 

at the end of 4.2:

       Note: the "Cookie" and "Set-Cookie" headers as implemented in
       practice (as opposed to how they are specified in [RFC2109]) can
       occur multiple times, but do not use the list syntax, and thus can
       not be combined into a single line.  (See [Kri2001] for details.)
       Also note that the Cookie2/Set-Cookie2 headers specified in
       [RFC2965] do not share this problem.

Informative References:

    [Kri2001]  Kristol, D., "HTTP Cookies: Standards, Privacy, and
               Politics", ACM Transactions on Internet Technology Vol. 1,
               #2, November 2001, <http://arxiv.org/abs/cs.SE/0105018>.

    [RFC2109]  Kristol, D. and L. Montulli, "HTTP State Management
               Mechanism", RFC 2109, February 1997.

    [RFC2965]  Kristol, D. and L. Montulli, "HTTP State Management
               Mechanism", RFC 2965, October 2000.

...more feedback appreciated.

BR, Julian
Received on Friday, 15 August 2008 19:47:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:13:37 UTC