Adam Barth
unread,Apr 1, 2013, 9:07:31 PM4/1/13Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Zhong Yu, Pete Resnick, Barry Leiba, http-state
On Mon, Apr 1, 2013 at 6:01 PM, Zhong Yu <
zhong...@gmail.com> wrote:
> Hello cookie masters,
>
> In the follow example of an http response, two cookies are set which differs in the trailing slash of the Path attribute
>
> HTTP/1.1 200 OK
> Set-Cookie: n=v1; Path=/abc
> Set-Cookie: n=v2; Path=/abc/
>
> According to RFC6265, these are two distinct cookies. And cookie#2 is not applicable to request-path "/abc".
>
> In my tests, IE and Chrome conform to these requirement. My question is, are these requirement as intended?
Yes.
> What was the reason behind?
Based on our testing at the time, it was the most widely implemented behavior.
> On Firefox the two cookies are also treated as distinct cookies; however Firefox erroneously sends cookie#2 for request-path "/abc". Should that be considered a bug?
If Firefox changes its behavior to match the spec, it will be more
interoperable with other user agents, which seems like a good thing.
Adam
_______________________________________________
http-state mailing list
http-...@ietf.org
https://www.ietf.org/mailman/listinfo/http-state