Re: Proposal: Cookie Priorities

> On 4 Mar 2016, at 11:53 AM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> On 4 March 2016 at 11:02, Mark Nottingham <mnot@mnot.net> wrote:
>> What do folks -- both other browser implementers and site folks -- think about this?
> 
> 
> This is a pretty nice hole Google dug for themselves.  Though I have
> heard the same from folks at other similarly large and crufty
> organizations; it's a real problem.

FWIW - this has been my observation as well (explicitly not pointing fingers :)


> I have a small suggestion:
> 
> if (request.url.scheme == 'http') {
>  cookie.priority = 'floor';
> }
> 
> Related story, I believe that some of those people run servers that
> forcibly evict all cookies other than those on a small whitelist to
> prevent this sort of craziness.  That turns out to have beneficial
> properties.

--
Mark Nottingham   https://www.mnot.net/

Received on Friday, 4 March 2016 00:57:50 UTC