Re: [http-state] [httpstate] #1: Remove nameless cookies?

"httpstate issue tracker" <trac@tools.ietf.org> Sun, 04 April 2010 17:58 UTC

Return-Path: <trac@tools.ietf.org>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 67DFC3A6937 for <http-state@core3.amsl.com>; Sun, 4 Apr 2010 10:58:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.167
X-Spam-Level:
X-Spam-Status: No, score=-102.167 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AsSQ2mD1VQlq for <http-state@core3.amsl.com>; Sun, 4 Apr 2010 10:58:52 -0700 (PDT)
Received: from zinfandel.tools.ietf.org (unknown [IPv6:2001:1890:1112:1::2a]) by core3.amsl.com (Postfix) with ESMTP id 321C93A694C for <http-state@ietf.org>; Sun, 4 Apr 2010 10:58:52 -0700 (PDT)
Received: from localhost ([::1] helo=zinfandel.tools.ietf.org) by zinfandel.tools.ietf.org with esmtp (Exim 4.69) (envelope-from <trac@tools.ietf.org>) id 1NyU5z-0000bs-3P; Sun, 04 Apr 2010 10:58:51 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: "httpstate issue tracker" <trac@tools.ietf.org>
X-Trac-Version: 0.11.6
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.11.6, by Edgewall Software
To: ietf@adambarth.com
X-Trac-Project: httpstate
Date: Sun, 04 Apr 2010 17:58:51 -0000
X-URL: http://tools.ietf.org/httpstate/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/httpstate/trac/ticket/1#comment:1
Message-ID: <071.96494dffa638d8867772b18d08e969fe@tools.ietf.org>
References: <062.942b75e971529cb45a48237174d5afdf@tools.ietf.org>
X-Trac-Ticket-ID: 1
In-Reply-To: <062.942b75e971529cb45a48237174d5afdf@tools.ietf.org>
X-SA-Exim-Connect-IP: ::1
X-SA-Exim-Rcpt-To: ietf@adambarth.com, http-state@ietf.org
X-SA-Exim-Mail-From: trac@tools.ietf.org
X-SA-Exim-Scanned: No (on zinfandel.tools.ietf.org); SAEximRunCond expanded to false
Cc: http-state@ietf.org
Subject: Re: [http-state] [httpstate] #1: Remove nameless cookies?
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Reply-To: trac@localhost.amsl.com
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Apr 2010 17:58:53 -0000

#1: Remove nameless cookies?
--------------------------------+-------------------------------------------
 Reporter:  ietf@…              |        Owner:        
     Type:  defect              |       Status:  closed
 Priority:  major               |    Milestone:        
Component:  cookie              |      Version:        
 Severity:  -                   |   Resolution:  fixed 
 Keywords:                      |  
--------------------------------+-------------------------------------------
Changes (by ietf@…):

  * status:  new => closed
  * resolution:  => fixed


Comment:

 Per discussion on the mailing list and at IETF77, I've removed nameless
 cookies from the draft.  Cookies without names (either because they lack a
 "=" or because "=" occurs as the first character of the set-cookie-
 string") are now ignored by the user agent.

 I'm somewhat worried that this change will have compatibility challenges,
 but that opinion appears to be the minority.  I'd like to see some
 deployment of this change to validate that this change is sufficiently
 compatible.

-- 
Ticket URL: <http://trac.tools.ietf.org/wg/httpstate/trac/ticket/1#comment:1>
httpstate <http://tools.ietf.org/httpstate/>