RE: Beacon and set cookie from Reitbauer, Alois on 2013-11-18 (public-web-perf@w3.org from November 2013)

From: Reitbauer, Alois <Alois.Reitbauer@compuware.com>
Date: Mon, 18 Nov 2013 09:28:32 +0000
To: Jonas Sicking <jonas@sicking.cc>, Arvind Jain <arvind@google.com>
CC: public-web-perf <public-web-perf@w3.org>
Message-ID: <068e9189042e47c79e9e097f07e9be2c@DM2PR05MB558.namprd05.prod.outlook.com>

From: Jonas Sicking <jonas@sicking.cc>
Sent: Monday, November 18, 2013 8:33 AM
To: Arvind Jain
Cc: public-web-perf
Subject: Re: Beacon and set cookie

On Sun, Nov 17, 2013 at 11:18 PM, Arvind Jain <arvind@google.com> wrote:
> Currently we don't specify how the response to a beacon response will be
> handled. Does the browser:
> a) close connection right after transmitting the data, or
> b) read the response from the server but ignore it, or
> c) read the response header to determine whether to follow a redirect or
> retry on a server busy error, or
> d) do (c) and allow the response to set the cookie on the beacon's url
> domain, but ignore response body.

I would suggest d.

[Alois] I would also suggest d. Also for pratical reasons as the beacon endpoint might use cookies to identify whether requests come from the same client. Most likely they will use cookies for this.

> If (d) is true, will the set cookie be treated as first or third party based
> on whether the url of the document that issued the beacon and the beacon url
> are same or different, respectively?

I'd recommend avoiding defining what's a 3rd party vs. 1st party
cookie. That's not defined by any other web standards as far as I
know. Just let browsers apply whatever cookie policy they want, that's
what they are going to do anyway.

> And second question: do we need to specify that the Referer header will be
> set to the document's uri or is that implicit?

I think that if we refer to the Fetch spec that will define it.

/ Jonas

The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it. Compuware Austria GmbH (registration number FN 91482h) is a company registered in Vienna whose registered office is at 1120 Wien, Austria, Am Euro Platz 2 / Gebäude G.

Received on Monday, 18 November 2013 09:29:14 UTC