html5/spec Overview.html,1.2913,1.2914 from Ian Hickson via cvs-syncmail on 2009-09-03 (public-html-commits@w3.org from September 2009)

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Thu, 03 Sep 2009 12:12:56 +0000
To: public-html-commits@w3.org
Message-Id: <E1MjBBQ-0007Ei-76@lionel-hutz.w3.org>
Update of /sources/public/html5/spec
In directory hutz:/tmp/cvs-serv27802

Modified Files:
	Overview.html 
Log Message:
Integrate with draft-abarth-cookie-03. (whatwg r3740)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.2913
retrieving revision 1.2914
diff -u -d -r1.2913 -r1.2914
--- Overview.html	3 Sep 2009 11:56:34 -0000	1.2913
+++ Overview.html	3 Sep 2009 12:12:52 -0000	1.2914
@@ -4502,7 +4502,7 @@
 
      <li><p>Take ownership of the <a href="#storage-mutex">storage mutex</a>.</li>
 
-     <li><p>Update the cookies. <a href="#refsRFC2109">[RFC2109]</a> <a href="#refsCOOKIES">[COOKIES]</a></li>
+     <li><p>Update the cookies. <a href="#refsCOOKIES">[COOKIES]</a></li>
 
      <li><p>Release the <a href="#storage-mutex">storage mutex</a> so that it is once
      again free.</li>
@@ -6176,12 +6176,9 @@
   <code><a href="#security_err">SECURITY_ERR</a></code> exception. Otherwise, if <a href="#the-document-s-address">the
   document's address</a> does not use a server-based naming
   authority, it must return the empty string. Otherwise, it must first
-  <a href="#obtain-the-storage-mutex">obtain the storage mutex</a> and then return the same
-  string as the value of the <code title="">Cookie</code> HTTP header
-  it would include if <a href="#fetch" title="fetch">fetching</a> the resource
-  indicated by <a href="#the-document-s-address">the document's address</a> over HTTP, as per
-  RFC 2109 section 4.3.4 or later specifications, excluding HTTP-only
-  cookies. <a href="#refsRFC2109">[RFC2109]</a> <a href="#refsCOOKIES">[COOKIES]</a></p>
+  <a href="#obtain-the-storage-mutex">obtain the storage mutex</a> and then return the
+  cookie-string for <a href="#the-document-s-address">the document's address</a> for a
+  "non-HTTP" API. <a href="#refsCOOKIES">[COOKIES]</a></p>
 
   <p>On setting, if the document is not associated with a
   <a href="#browsing-context">browsing context</a> then the user agent must raise an
@@ -6193,18 +6190,9 @@
   document's address</a> does not use a server-based naming
   authority, it must do nothing. Otherwise, the user agent must
   <a href="#obtain-the-storage-mutex">obtain the storage mutex</a> and then act as it would when
-  processing cookies if it had just attempted to <a href="#fetch">fetch</a>
-  <a href="#the-document-s-address">the document's address</a> over HTTP, and had received a
-  response with a <code>Set-Cookie</code> header whose value was the
-  specified value, as per RFC 2109 sections 4.3.1, 4.3.2, and 4.3.3 or
-  later specifications, but without overwriting the values of
-  HTTP-only cookies. <a href="#refsRFC2109">[RFC2109]</a> <a href="#refsCOOKIES">[COOKIES]</a></p>
-
-  <p class="note">This specification does not define what makes an
-  HTTP-only cookie, and at the time of publication the editor is not
-  aware of any reference for HTTP-only cookies. They are a feature
-  supported by some Web browsers wherein an "<code title="">httponly</code>" parameter added to the cookie string
-  causes the cookie to be hidden from script.</p>
+  <span title="receives a set-cookie-string">receiving a
+  set-cookie-string</span> for <a href="#the-document-s-address">the document's address</a> via
+  a "non-HTTP" API, consisting of the new value. <a href="#refsCOOKIES">[COOKIES]</a></p>
 
   <p class="note">Since the <code title="dom-document-cookie"><a href="#dom-document-cookie">cookie</a></code> attribute is accessible
   across frames, the path restrictions on cookies are only a tool to
@@ -48678,7 +48666,7 @@
   the HTTP headers (including, in particular, redirects and HTTP
   cookie headers), but must ignore any entity bodies returned in the
   responses. User agents may close the connection prematurely once
-  they start receiving an entity body. <a href="#refsRFC2109">[RFC2109]</a> <a href="#refsCOOKIES">[COOKIES]</a></p>
+  they start receiving an entity body. <a href="#refsCOOKIES">[COOKIES]</a></p>
 
   <p>For URLs that are not HTTP URLs, the requests must be performed
   by <a href="#fetch" title="fetch">fetching</a> the specified URL normally,
@@ -67714,10 +67702,6 @@
    N.  Borenstein. IETF, November 1996.</dd> <!-- for text/plain and
    "Internet Media type"; not for definition of "valid MIME type". -->
 
-   <dt id="refsRFC2109">[RFC2109]</dt>
-   <dd><cite><a href="http://www.ietf.org/rfc/rfc2109.txt">HTTP State Management
-   Mechanism</a></cite>, D. Kristol, L. Montulli. IETF, February 1997.</dd>
-
    <dt id="refsRFC2119">[RFC2119]</dt>
    <dd><cite><a href="http://www.ietf.org/rfc/rfc2119.txt">Key words for use in
    RFCs to Indicate Requirement Levels</a></cite>, S. Bradner. IETF, March
Received on Thursday, 3 September 2009 12:13:06 UTC