- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 15 Feb 2018 12:37:19 +1100
- To: HTTP Working Group <ietf-http-wg@w3.org>
I just opened https://github.com/httpwg/http-extensions/issues/494 It's a long issue, with lots of rationale. The change it proposes is small: 1. require that when constructing a Cookie header field the last-access date is set to the same value for all cookies 2. modify the eviction algorithm so that all unexpired cookies with the same last-access date are dropped at the same time Right now, implementations aren't especially consistent in their eviction handling and this might help remove some of the unnecessary (and potentially risky) variation.
Received on Thursday, 15 February 2018 01:37:44 UTC