Hi Oleg, > A cookie with "/" path attribute may not be > set from a URL other than "/".
my understanding is that a cookie with path "/" may be set from any URL with path prefix "/". RFC 2109 mentions the prefix requirement in section 4.3.2 on page 6. So does RFC 2965 in section 3.3.2 on page 8. Unlike with domain names, there is no "reach" restriction that would prevent a servlet at /where/ever/it/may/reside to set a cookie for / on that host, which would be the same as setting a cookie without any path at all. cheers, Roland
