- From: Daniel Stenberg <daniel@haxx.se>
- Date: Mon, 7 Mar 2016 10:53:04 +0100 (CET)
- To: Mike West <mkwst@google.com>
- cc: HTTP Working Group <ietf-http-wg@w3.org>, Samuel Huang <huangs@google.com>, Mark Nottingham <mnot@mnot.net>
On Mon, 7 Mar 2016, Mike West wrote: >> What happens to cookies that are actually called 'Priority' ? > > Like cookies named "HttpOnly" or "MaxAge", this is handled by step 1 of > https://tools.ietf.org/html/rfc6265#section-5.2, which splits the cookie > string on the first ';' into the name/value pair, and the set of attributes. IOW: they'll stop working or get mixed up since we can't tell them apart? HttpOnly isn't done using a key/value so it actually easy is to separate from a cookie named HttpOnly. Max-Age for cookies was first suggested in RFC 2109 (from what I can tell) from 1997, which in theory would make it less likely to ever have worked very good as a cookie name. Priority, however, has been a perfectly fine cookie name since the dawn of cookies. I of course have no idea how common it might be though. Or am I missing some subtlety? -- / daniel.haxx.se
Received on Monday, 7 March 2016 09:53:34 UTC