Re: Cookie crumbling

On 22 October 2013 05:18, Tatsuhiro Tsujikawa <> wrote:
> RFC 6265 says the client should sort cookie in a certain way:
> Since the header compressor does not preserve the ordering of the headers,
> we lose the cookie ordering.
> I'm not really sure how important the cookie ordering today or future
> though.

I'm sure that the only reason that requirement exists is to reduce the
fingerprinting surface of the client.

The good part with that ordering requirement is that it makes it
perfectly clear that ordering carries no semantics.

I'm sure that an intermediary or API that translates to HTTP/1.1 can
reorder anything that might get messed around by HTTP/2.0 header

Received on Tuesday, 22 October 2013 15:58:30 UTC