Re: errata for cookie spec
Koen Holtman (koen@win.tue.nl)
Fri, 14 Feb 1997 09:21:35 +0100 (MET)
Dave Kristol:
>
> > Two small comments on the errata:
> >
> > 1. The section `Compatibility with MS's implementation' states the problem,
> > but no solution. I'd prefer it if you append something like
> >
> > Therefore, servers should be careful in sending complex cookies that use
> > this specification to legacy HTTP/1.0 user agents. If an unknown HTTP/1.0
> > user agent is encountered, a server can determine its compatibility with
> > this specification by first returning a response which sets a simple
> > non-persistent cookie, and then examining the cookie header of any
> > subsequent request.
>
>Okay, but.... Because the cookie spec. is separable from HTTP/1.1, and
>because it will become a standard after HTTP/1.1, there's no assurance
>that even HTTP/1.1 user agents will follow this spec.
Yes, but we only need assurance that HTTP/1.1 agents won't have non-tolerant
cookie header parsers if they follow netscape's spec. If I understand the
situation correctly, MS will fix their parser in the next release, so they
won't release a 1.1 agent with a non-tolerant parser.
I can't guarantee that there won't be 1.1 agents with non-tolerant parsers,
but it seems a reasonably safe bet.
> So it might be
>wise to avoid reference to HTTP/1.0.
Maybe. Feel free to change my suggested text if you think it can be
improved.
>Also, what exactly do you mean by "unknown HTTP/1.0 user agent"?
An agent for which the compatibility level is not known.
I guess my text tries to say too many things with too little words. Please
expand it to make it readable.
>Dave Kristol
Koen.