[http-state] Set-Cookie vs header folding
Julian Reschke <julian.reschke@gmx.de> Mon, 06 September 2010 12:16 UTC
Return-Path: <julian.reschke@gmx.de>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 26B343A68FE for <http-state@core3.amsl.com>; Mon, 6 Sep 2010 05:16:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.65
X-Spam-Level:
X-Spam-Status: No, score=-104.65 tagged_above=-999 required=5 tests=[AWL=-2.051, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fFnyJrNgUUkl for <http-state@core3.amsl.com>; Mon, 6 Sep 2010 05:16:08 -0700 (PDT)
Received: from mail.gmx.net (mailout-de.gmx.net [213.165.64.22]) by core3.amsl.com (Postfix) with SMTP id 6FB4B3A68FC for <http-state@ietf.org>; Mon, 6 Sep 2010 05:16:06 -0700 (PDT)
Received: (qmail invoked by alias); 06 Sep 2010 12:16:33 -0000
Received: from mail.greenbytes.de (EHLO [192.168.1.147]) [217.91.35.233] by mail.gmx.net (mp030) with SMTP; 06 Sep 2010 14:16:33 +0200
X-Authenticated: #1915285
X-Provags-ID: V01U2FsdGVkX1/abyFwtKzaD82QEqJLAEPjzqh5gQ880ia3jxhslT 5daokLIQCIX+au
Message-ID: <4C84DB9F.8020808@gmx.de>
Date: Mon, 06 Sep 2010 14:16:31 +0200
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2
MIME-Version: 1.0
To: "http-state@ietf.org" <http-state@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Subject: [http-state] Set-Cookie vs header folding
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Sep 2010 12:16:10 -0000
Hi, we are all aware of the problem of Set-Cookie of being compatible with the HTTP header field list syntax. See <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p1-messaging-11.html#rfc.section.3.2.p.7>: "Note: The "Set-Cookie" header as implemented in practice (as opposed to how it is specified in [RFC2109]) can occur multiple times, but does not use the list syntax, and thus cannot be combined into a single line. (See Appendix A.2.3 of [Kri2001] for details.) Also note that the Set-Cookie2 header specified in [RFC2965] does not share this problem." and also <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/129>. I was just checking whether HTTPbis needs to change once the new cookie spec is published, and was surprised that it doesn't seem to mention this problem (as known incompatibility with the requirements in 2616). I believe it should. Best regards, Julian
- [http-state] Set-Cookie vs header folding Julian Reschke
- Re: [http-state] Set-Cookie vs header folding Adam Barth
- Re: [http-state] Set-Cookie vs header folding Julian Reschke
- Re: [http-state] Set-Cookie vs header folding Adam Barth
- Re: [http-state] Set-Cookie vs header folding Adam Barth