Re: _HttpOnly cookie prefix?

On Wed, Feb 19, 2025 at 1:10 PM Johann Hofmann <johannhof@google.com> wrote:
> I agree that some conversation should be had about the overall approach
> of piling on __Prefixes and whether there's some better alternative

The pitfalls of not returning cookie attributes were already recognized
as a problem that RFC 2109 tried to solve in 1997 (and later RFC
2965). I assume backwards compatibility and randomly broken sites
discouraged adoption (the death match between Netscape Navigator and
MS IE couldn't have helped--cookies weren't a competitive feature).
Prefixes are transparent to all the old client and server software so
they can safely be adopted by a web application at their own pace. But
they are a hack and can't be easily extended to cover arbitrary
attributes.

Received on Wednesday, 19 February 2025 21:46:14 UTC