[Bug 19028] Support a rel attribute that restricts cookie transmission from bugzilla@jessica.w3.org on 2013-02-06 (public-html-bugzilla@w3.org from February 2013)

From: <bugzilla@jessica.w3.org>
Date: Wed, 06 Feb 2013 21:43:22 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-19028-2486-52SYJBPLke@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19028

Alexander Romanovich <alex@sirensclef.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |alex@sirensclef.com

--- Comment #1 from Alexander Romanovich <alex@sirensclef.com> ---
What are the chances that you'd consider supporting a response header that
would prompt the browser to whitelist certain url prefixes for restriction of
cookie transmission?

i.e. something like:

No-Cookies: /path/to/dir1/*;/path/to/resource

This would be sent with an HTML document, and then the browser would not send
cookies for anything it requests from /path/to/dir1 or for the specific
resource /path/to/resource, while making sub requests from that web page.

The advantage of this (over a rel attribute) would be that it can be taken into
account for lazy-loaded resources/XHR/etc., and might be easier to implement
than setting a manifest in a separate file somewhere a la application cache.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Wednesday, 6 February 2013 21:43:23 UTC