According to Daniel Stenberg, Cookies are not even *mentioned* in RFC2616
Per http://lists.w3.org/Archives/Public/ietf-http-wg/2008JanMar/0623.html
"On Tue, 18 Mar 2008, Jim Manico wrote:
> Are there any efforts underway to support the HttpOnly cookie directive
> within any version of the HTTP Protocol?
1 - Cookies aren't included in RFC2616 at all.
2 - Hardly any implemenations of cookies follow any recent attempts to
document how cookies should be handled so I doubt writing yet another
cookie spec update will help much.
Given the history of cookies so far, they are doomed to be adhoc'ed and
work
in a random undocumented fashion... (unless you count the original Netscape
cookie document a specification)."
Ouch. Is this true?
- Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
