On Wed, 6 Jul 2005, Joe Orton wrote:
1. Should "Version" attribute be really required as rfc 2109 says?
In general the way to answer questions like this is to follow what the RFC
says unless doing so will significantly hurt interoperability with
real-world servers; except when not following the RFC causes some more
serious (e.g. security) issue.
Just a word from a guy who implemented a cookie parser designed to be able to
interoperate with servers in the same manner ordinary browsers do.
Hardly _any_ site out there adheres to the RFC2109 spec, or even any other
cookie spec other than that first Netscape one.
It seems cookies are often dealt with by scripts written by sloppy humans, and
therefore you can exepect to the full range of human shortcuts and
interpretations of specs.
This is just my view. Feel free to ignore.
--
-=- Daniel Stenberg -=- http://daniel.haxx.se -=-
ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol
_______________________________________________
neon mailing list
[email protected]
http://mailman.webdav.org/mailman/listinfo/neon
