You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It specifies how to store cookies in the cookie store in section 5.4, but it doesn't specify what happens when a cookie is stored in the cookie store, then (at a later point in time, while the cookie is in the cookie store) something changes so that the cookie is no longer valid (i.e. would NOT have been stored in the cookie store had it been processed now rather than before).
This could happen due to a Public Suffix List change (as in #1385), due to a spec change in the section 5.4 algorithm, some change in things that a user agent MAY and chooses to do, etc.
The text was updated successfully, but these errors were encountered:
So far the only precedent I see on deleting cookies in 5.4 is creating an order of priority for deleting "excess" cookies when adding a new cookie exceeds a user agent's upper bound for per-domain cookie storage (if it exists).
IMHO in this particular case I think the spec can suggest (perhaps with a "SHOULD") that the user agent evict the invalid cookie rows only.
Right now in Chromium, if an invalid cookie is loaded from the store, it deletes all that sites' cookies.
@mikewest To make sure I've got this right for posterity, was your recommendation during the WG to add a NOTE to the 5.6.1 and/or 5.6.3 that browsers should be sure not to send invalid (due to registrable domain changes) cookies. The actual change to the storage section (or whatever we eventually settled on) should be deferred.
This is a more general case of #1385.
It specifies how to store cookies in the
cookie store
in section 5.4, but it doesn't specify what happens when a cookie is stored in thecookie store
, then (at a later point in time, while the cookie is in thecookie store
) something changes so that the cookie is no longer valid (i.e. would NOT have been stored in thecookie store
had it been processed now rather than before).This could happen due to a Public Suffix List change (as in #1385), due to a spec change in the section 5.4 algorithm, some change in things that a user agent MAY and chooses to do, etc.
The text was updated successfully, but these errors were encountered: