I know this is an old question but it hasn't changed and I believe this was
for compatibility with RFC 2109 (which is obsoleted by RFC 6265).
Section 4.2.2 states:
Domain=domain
Optional. The Domain attribute specifies the domain for which the
cookie is valid. An explicitly specified domain must always start
with a dot.
On Sunday, 8 February 2015 23:19:45 UTC-5, Nigel Tao wrote:
>
> On Tue, Jan 27, 2015 at 1:44 AM, <jk.lee....@gmail.com <javascript:>>
> wrote:
> >
> https://github.com/golang/go/blob/master/src/net/http/cookie.go#L144-L151
>
> It's been a while since I've looked at this, but the relevant spec for
> HTTP Cookies is RFC 6265, and sections 4 and 5 deal with servers and
> clients.
>
> Section 4.1.2.3. The Domain Attribute says that:
> Note that a leading %x2E ("."), if present, is ignored even though
> that character is not permitted.
>
> Section 5.2.3. The Domain Attribute says that:
> If the first character of the attribute-value string is %x2E ("."):
> Let cookie-domain be the attribute-value without the leading %x2E
> (".") character.
>
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
