Re: Accomodating Netscape-style cookies?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Gisle Aas: "Re: buglet in File::Listing - s/next/return/"
• Previous message: Gisle Aas: "Re: HTML:: module question"
• In reply to: Kartik Subbarao: "Re: Accomodating Netscape-style cookies?"
• Next in thread: Gisle Aas: "Re: Accomodating Netscape-style cookies?"

Kartik Subbarao <subbarao@computer.org> writes:

> > Is domain=foo.bar.com supposed to mean that cookies should only be
> > returned to host foo.bar.com or that both foo.bar.com and for instance
> > xxx.foo.bar.com should get it?  What does Netscape do (probably it
> > just tries to match the domain name at the end of the hostname as it
> > is ans will send cookies to both xxx.foo.bar.com and foo.bar.com)?
> 
> Yeah, it does tail matching. Here's the excerpt from the spec:
> 
> ---
> When searching the cookie list for valid cookies, a comparison of the
> domain attributes of the cookie is made with the Internet domain name of
> the host from which the URL will be fetched. If there is a tail match, then
> the cookie will go through path matching to see if it should be sent. "Tail
> matching" means that domain attribute is matched against the tail of the
> fully qualified domain name of the host. A domain attribute of "acme.com"
> would match host names "anvil.acme.com" as well as
> "shipping.crate.acme.com".
> ---

But hopefully Netscape does not send the cookie to www.pacme.com as
well??

Can you verify that this does not happen with your patch then I will
apply it.

Regards,
Gisle

• Next message: Gisle Aas: "Re: buglet in File::Listing - s/next/return/"
• Previous message: Gisle Aas: "Re: HTML:: module question"
• In reply to: Kartik Subbarao: "Re: Accomodating Netscape-style cookies?"
• Next in thread: Gisle Aas: "Re: Accomodating Netscape-style cookies?"