tomcat doesn't use that spec, we use
http://wp.netscape.com/newsref/std/cookie_spec.html
http://www.faqs.org/rfcs/rfc2109.html
not sure how many browsers are actually up to 2965 yet
Filip
William A. Rowe, Jr. wrote:
The standard is only 7 1/2 years old;
http://www.ietf.org/rfc/rfc2965
Jim Manico wrote:
According to Daniel Stenberg, Cookies are not even *mentioned* in
RFC2616
Per
http://lists.w3.org/Archives/Public/ietf-http-wg/2008JanMar/0623.html
"On Tue, 18 Mar 2008, Jim Manico wrote:
> Are there any efforts underway to support the HttpOnly cookie
directive
> within any version of the HTTP Protocol?
1 - Cookies aren't included in RFC2616 at all.
2 - Hardly any implemenations of cookies follow any recent attempts to
document how cookies should be handled so I doubt writing yet
another
cookie spec update will help much.
Given the history of cookies so far, they are doomed to be adhoc'ed
and work
in a random undocumented fashion... (unless you count the original
Netscape
cookie document a specification)."
Ouch. Is this true?
- Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
