I have experimented with how different desktop browsers handle cookie values,
specifically with:
* Aurora-28.0a2
* Chrome-31
* Firefox-26
* Internet Explorer-11
* Safari-7.0.1
on OS X 10.9 except for IE which was on Windows 7. This mail is a dump of
things I found out and I will summarize conclus
I think this is actually the principle that is the crux of the matter:
> With respect to the
> requirements of section 4.2, the Tomcat developers have always taken
> the view that cookie headers should be treated as "combinations of
> token, separators, and quoted-string" rather than "*TEXT" for th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/12/2013 01:21, Jeremy Boynes wrote:
> In comments on issue #55917, there was suggestion for refactoring
> cookie support along the lines described in RFC6265.
No, that isn't what I said. What I said was that now might be a good
time to refactor
In comments on issue #55917, there was suggestion for refactoring cookie
support along the lines described in RFC6265. Reading this RFC, it appears to
be more of an effort to standardize the actual behaviour seen on the Internet
for different browser and server implementations. The observation i
