W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2010

[whatwg] HttpOnly cookie for WebSocket?

From: Fumitoshi Ukai <ukai@chromium.org>
Date: Thu, 28 Jan 2010 08:12:27 +0000
Message-ID: <de17d48e1001280012i2657b587i83cda30f50013e6b@mail.gmail.com>
May/Should WebSocket use HttpOnly cookie while Handshaking?
I think it would be useful to use HttpOnly cookie on WebSocket so that we
could authenticate the WebSocket connection by the auth token cookie which
might be HttpOnly for security reason.

http://www.ietf.org/id/draft-ietf-httpstate-cookie-02.txt

-- 
ukai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20100128/783bb51d/attachment.htm>
Received on Thursday, 28 January 2010 00:12:27 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:20 UTC