- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 22 Oct 2013 08:58:02 -0700
- To: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>, Roberto Peon <grmocg@gmail.com>
On 22 October 2013 05:18, Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> wrote: > RFC 6265 says the client should sort cookie in a certain way: > http://tools.ietf.org/html/rfc6265#section-5.4 > > Since the header compressor does not preserve the ordering of the headers, > we lose the cookie ordering. > I'm not really sure how important the cookie ordering today or future > though. I'm sure that the only reason that requirement exists is to reduce the fingerprinting surface of the client. The good part with that ordering requirement is that it makes it perfectly clear that ordering carries no semantics. I'm sure that an intermediary or API that translates to HTTP/1.1 can reorder anything that might get messed around by HTTP/2.0 header compression.
Received on Tuesday, 22 October 2013 15:58:30 UTC