Andre Gebers wrote:
Hi,
newer versions of opera send the Cookie2-header along with the
Cookie-header which looks somewhat like this:
Right, but the patch would not work.
It would be a security hole, because the http rfc
diferentiates cookie from cookie2.
Right now the Cookie2 header is passed as unknown header,
so it should work anyhow if the remote accepts the Cookie2.
IIRC it is not part of Servlet-spec, so it would not show
in javax.servlet.Cookie.
We would need to extend the AJP1.3 protocol to support
missing HTTP/1.1 features (the Cookie2 is not the only one).
I'm in a process of proposing those additions, but it will
probably be inside jk3 (jk1.3).
Thanks,
Mladen.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
