RE: Combining multiple message-header fields from Joris Dobbelsteen on 2000-07-16 (www-talk@w3.org from July to August 2000)

From: Joris Dobbelsteen <joris.dobbelsteen@mail.com>
Date: Sun, 16 Jul 2000 15:33:22 +0200
To: "WWW WG (E-mail)" <www-talk@w3.org>
Message-ID: <000201bfef2a$6ad56ca0$0d0aa8c0@THUIS.LOCAL>

The Set-Cookie headers also fall out of scope of the HTTP/1.1 RFC (RFC2616).
They fall under a separate RFC: HTTP State Management Mechanism (RFC2109).

I didn't read the RFC, but the line I read indicates it should be possible:

   set-cookie      =       "Set-Cookie:" cookies
   cookies         =       1#cookie
   cookie          =       NAME "=" VALUE *(";" cookie-av)
   NAME            =       attr
   VALUE           =       value
   cookie-av       =       "Comment" "=" value
                   |       "Domain" "=" value
                   |       "Max-Age" "=" value
                   |       "Path" "=" value
                   |       "Secure"
                   |       "Version" "=" 1*DIGIT

   Informally, the Set-Cookie response header comprises the token Set-
   Cookie:, followed by a comma-separated list of one or more cookies.
   Each cookie begins with a NAME=VALUE pair, followed by zero or more
   =========================================
   semi-colon-separated attribute-value pairs.  The syntax for
   attribute-value pairs was shown earlier.  The specific attributes and
   the semantics of their values follows.  The NAME=VALUE attribute-
   value pair must come first in each cookie.  The others, if present,
   can occur in any order.  If an attribute appears more than once in a
   cookie, the behavior is undefined.

But more likely browsers don't 'understand' this.....
Or maybe that I'm wrong about it....

- Joris Dobbelsteen

-----Original Message-----
From: Life is hard, and then you die [mailto:ronald@innovation.ch]
Sent: zaterdag 15 juli 2000 21:40
To: Bjoern Hoehrmann
Cc: http-wg@hplb.hpl.hp.com
Subject: Re: Combining multiple message-header fields

On Sat, Jul 15, 2000 at 05:44:40PM +0200, Bjoern Hoehrmann wrote:
[snip]
> I'm building a HTTP UserAgent with PHP and now i'm dealing with this
multiple
> message-header fields. If my UserAgent receives such multiple fields,
should
> it combine these fields into one or should it keep the multiple fields and
> send it to the server (if present in a request)? The problem behind this
is
> the storage of this header fields. Currently i have an associative array
that
> does something like
[snip]

Combining multiple header fields works just fine, with one exception: the
Set-Cookie header field. Some browsers don't handle multiple cookies in a
Set-Cookie header field (i.e. they require a separate header field for each
cookie to be set). Furthermore, because a number of sites use broken cookies
which contain commas in the value, parsing a combined Set-Cookie header
field
can be a little tricky.

  Cheers,

  Ronald

Received on Sunday, 16 July 2000 09:32:04 UTC