Re: Cookie parsing and upcoming updates to RFC6265

2024-08-28 Thread Mark Thomas
On 27/08/2024 17:21, Christopher Schultz wrote: Mark, On 8/27/24 11:31, Mark Thomas wrote: On 26/08/2024 15:14, Christopher Schultz wrote: All, On 8/16/24 11:25, Mark Thomas wrote: On 16/08/2024 13:40, Tim Funk wrote: How about  missingEqualsCookie="allow | ignore"? The proposed options w

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-27 Thread Christopher Schultz
Mark, On 8/27/24 11:31, Mark Thomas wrote: On 26/08/2024 15:14, Christopher Schultz wrote: All, On 8/16/24 11:25, Mark Thomas wrote: On 16/08/2024 13:40, Tim Funk wrote: How about  missingEqualsCookie="allow | ignore"? The proposed options were: - ignore - name - value By using [allow |

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-27 Thread Mark Thomas
On 26/08/2024 14:58, Christopher Schultz wrote: What good is a cookie with no name? I'm not sure. I know we had some users that wanted a cookie without a value (I guess it is some sort of boolean flag). That makes more sense to me than a cookie without a name. Is this one of those "optimiza

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-27 Thread Mark Thomas
On 26/08/2024 15:09, Christopher Schultz wrote: Mark, On 8/16/24 04:32, Mark Thomas wrote: On 14/08/2024 19:12, Konstantin Kolinko wrote: I think that 1) We would better switch to "ignore" mode right now, in all supported versions. Based on past experience I am extremely hesitant to chan

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-27 Thread Mark Thomas
On 26/08/2024 15:14, Christopher Schultz wrote: All, On 8/16/24 11:25, Mark Thomas wrote: On 16/08/2024 13:40, Tim Funk wrote: How about  missingEqualsCookie="allow | ignore"? The proposed options were: - ignore - name - value By using [allow | ignore] instead of yes/no, it opens the door

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-26 Thread Christopher Schultz
All, On 8/16/24 11:25, Mark Thomas wrote: On 16/08/2024 13:40, Tim Funk wrote: How about  missingEqualsCookie="allow | ignore"? The proposed options were: - ignore - name - value By using [allow | ignore] instead of yes/no, it opens the door to additional behaviors. (such as reject which tr

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-26 Thread Christopher Schultz
Mark, On 8/16/24 04:32, Mark Thomas wrote: On 14/08/2024 19:12, Konstantin Kolinko wrote: I think that 1) We would better switch to "ignore" mode right now, in all supported versions. Based on past experience I am extremely hesitant to change anything related to cookie handling behaviour

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-26 Thread Christopher Schultz
Mark, On 8/14/24 10:29, Mark Thomas wrote: Hi all, The IETF HTTP working group is working on RFC 6265bis (the RFC that will replace RFC 6265). I have been reviewing the changes to see what impact they might have on Tomcat and our users. There are a few changes (e.g. SameSite) we have alread

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-19 Thread Mark Thomas
On 19/08/2024 08:38, Rémy Maucherat wrote: On Fri, Aug 16, 2024 at 5:25 PM Mark Thomas wrote: On 16/08/2024 13:40, Tim Funk wrote: How about missingEqualsCookie="allow | ignore"? The proposed options were: - ignore - name - value Ok, I think your proposed options are very good. Thanks fo

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-18 Thread Rémy Maucherat
On Fri, Aug 16, 2024 at 5:25 PM Mark Thomas wrote: > > On 16/08/2024 13:40, Tim Funk wrote: > > How about missingEqualsCookie="allow | ignore"? > > The proposed options were: > - ignore > - name > - value Ok, I think your proposed options are very good. Thanks for the summary. Personally I would

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-16 Thread Mark Thomas
On 16/08/2024 13:40, Tim Funk wrote: How about missingEqualsCookie="allow | ignore"? The proposed options were: - ignore - name - value By using [allow | ignore] instead of yes/no, it opens the door to additional behaviors. (such as reject which triggers a http error) Agreed. Mark --

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-16 Thread Tim Funk
How about missingEqualsCookie="allow | ignore"? By using [allow | ignore] instead of yes/no, it opens the door to additional behaviors. (such as reject which triggers a http error) -Tim On Fri, Aug 16, 2024 at 4:33 AM Mark Thomas wrote: > On 14/08/2024 19:12, Konstantin Kolinko wrote: > > >

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-16 Thread Mark Thomas
On 14/08/2024 19:12, Konstantin Kolinko wrote: I think that 1) We would better switch to "ignore" mode right now, in all supported versions. Based on past experience I am extremely hesitant to change anything related to cookie handling behaviour unless we have to. I'd prefer to use "name"

Re: Cookie parsing and upcoming updates to RFC6265

2024-08-14 Thread Konstantin Kolinko
Wed, 14 Aug 2024 at 17:29, Mark Thomas: > > Hi all, > > The IETF HTTP working group is working on RFC 6265bis (the RFC that will > replace RFC 6265). I have been reviewing the changes to see what impact > they might have on Tomcat and our users. Links: https://datatracker.ietf.org/doc/html/rfc6