IETF Logo Mail Archive

Re: Proposal: Cookie Priorities

Daniel Stenberg <daniel@haxx.se> Mon, 07 March 2016 19:25 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfc.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 0575F1CD92F for <ietfarch-httpbisa-archive-bis2Juki@ietfc.amsl.com>; Mon, 7 Mar 2016 11:25:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.022
X-Spam-Level:
X-Spam-Status: No, score=-5.022 tagged_above=-999 required=5 tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.41]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vgj2B2JymSqm for <ietfarch-httpbisa-archive-bis2Juki@ietfc.amsl.com>; Mon, 7 Mar 2016 11:25:36 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfc.amsl.com (Postfix) with ESMTPS id C0C4D1CD8A7 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 7 Mar 2016 11:25:36 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ad0hP-0004Fi-Sp for ietf-http-wg-dist@listhub.w3.org; Mon, 07 Mar 2016 19:20:11 +0000
Resent-Date: Mon, 07 Mar 2016 19:20:11 +0000
Resent-Message-Id: <E1ad0hP-0004Fi-Sp@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <daniel@haxx.se>) id 1ad0hI-00041P-MT for ietf-http-wg@listhub.w3.org; Mon, 07 Mar 2016 19:20:04 +0000
Received: from giant.haxx.se ([80.67.6.50] ident=root) by lisa.w3.org with esmtp (Exim 4.80) (envelope-from <daniel@haxx.se>) id 1ad0hG-000604-If for ietf-http-wg@w3.org; Mon, 07 Mar 2016 19:20:04 +0000
Received: from giant.haxx.se (dast@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-3) with ESMTPS id u27JJVZd016109 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 7 Mar 2016 20:19:31 +0100
Received: from localhost (dast@localhost) by giant.haxx.se (8.15.2/8.15.2/Submit) with ESMTP id u27JJUqN016104; Mon, 7 Mar 2016 20:19:31 +0100
X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs
Date: Mon, 07 Mar 2016 20:19:30 +0100
From: Daniel Stenberg <daniel@haxx.se>
X-X-Sender: dast@giant.haxx.se
To: Adam Barth <w3c@adambarth.com>
cc: Mike West <mkwst@google.com>, HTTP Working Group <ietf-http-wg@w3.org>, Samuel Huang <huangs@google.com>, Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CADBiRd0n97NbiFa6RH4=FF13XjyaqEDF6hR897AN0sOUDkaNtg@mail.gmail.com>
Message-ID: <alpine.DEB.2.20.1603072012110.28463@tvnag.unkk.fr>
References: <CAKXHy=dvxE5f25_xx3mKTc+XRDU_Hp=uFDy-iL-_c0s+xHGydw@mail.gmail.com> <alpine.DEB.2.20.1603070855070.25615@tvnag.unkk.fr> <CAKXHy=fZkRnThojTU8V9s-Vyps8jG3xOTEF-yKrDs9cqh546mg@mail.gmail.com> <alpine.DEB.2.20.1603071033570.25615@tvnag.unkk.fr> <CAKXHy=fTSzgYJaj8P7HkofzKfhx-JEt8SJkxriz8dqmM99Tb_g@mail.gmail.com> <alpine.DEB.2.20.1603071113470.25615@tvnag.unkk.fr> <alpine.DEB.2.20.1603071300010.25615@tvnag.unkk.fr> <CAKXHy=cY+i9mykHDH=MMMXGPTEGu4L6iwtEcXL55YJ_4sx9i_A@mail.gmail.com> <alpine.DEB.2.20.1603071332180.25615@tvnag.unkk.fr> <CADBiRd0n97NbiFa6RH4=FF13XjyaqEDF6hR897AN0sOUDkaNtg@mail.gmail.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
X-fromdanielhimself: yes
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Received-SPF: pass client-ip=80.67.6.50; envelope-from=daniel@haxx.se; helo=giant.haxx.se
X-W3C-Hub-Spam-Status: No, score=-6.2
X-W3C-Hub-Spam-Report: AWL=0.010, BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1ad0hG-000604-If f7b3dbab6d8ef75c70549877dd79dee1
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Proposal: Cookie Priorities
Archived-At: <http://www.w3.org/mid/alpine.DEB.2.20.1603072012110.28463@tvnag.unkk.fr>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31220
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Mon, 7 Mar 2016, Adam Barth wrote:

>> (I'm not suggesting it is a "proper" or "good" implementation, just that it 
>> works with the vast majority of sites using cookies and it was written long 
>> before we created RFC 6265 and I guess nobody felt the need to update it 
>> since to that aspect.)
>
> It might be worth improving the libcurl implementation to match RFC6265.

No objections there, I think it would! But you know, whatever works in 
practise rarely gets attention and fixes just because it would make it follow 
an RFC closer.

Besides, I think the point is that 1. curl is probably not the only naive 
implementation in the world and 2. even if we'd fix this in curl today, we'd 
see applications in the wild for many years to come still using the previous 
implementation... (we have some users that are notoriously slow on upgrading 
and regularly get bug reports and questions on a decade old code!)

-- 

  / daniel.haxx.se

v2.23.0 | Report a Bug | By Email