Change definition of unique cookie to include host-only-flag to match browser behavior #199

Closed
macoxms opened this issue Jun 14, 2016 · 1 comment

macoxms commented Jun 14, 2016

RFC 6265 section 5.3 defines a cookie by the name, domain, and path. However, given these two headers in a response from a request to http://contoso.com/:

Set-Cookie: mycookie=nothostonly; domain=contoso.com
Set-Cookie: mycookie=hostonly

Most browsers will have two cookies since they include host-only-flag in their definition of a unique cookie. I'd like to update sections 4.1.2 and 5.3 to reflect the behavior of modern browsers with regard to host-only-flag.
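
The difference described in the comment above, modelled as an added example (not code from the issue, the RFC or any browser). It stores the two headers once with the RFC 6265 section 5.3 key (name, domain, path) and once with host-only-flag added to the key; the function names are hypothetical, and path handling is fixed to "/" as an assumption.

```javascript
// Added example: simplified model of RFC 6265 cookie storage and retrieval.
// Assumptions: path is always "/", no public-suffix, expiry or Secure handling.
const HEADERS = [
  "Set-Cookie: mycookie=nothostonly; domain=contoso.com",
  "Set-Cookie: mycookie=hostonly",
];
// RFC 6265 section 5.1.3 domain-match (IP-address case omitted).
function domainMatch(host, domain) {
  return host === domain || host.endsWith("." + domain);
}
// Parse one header into a cookie record, setting host-only-flag as in section 5.3.
function parseSetCookie(header, requestHost) {
  const body = header.replace(/^set-cookie:\s*/i, "");
  const [pair, ...attrs] = body.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  if (eq < 1) return null;
  const host = requestHost.toLowerCase();
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
                   domain: host, hostOnly: true, path: "/" };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=").map((s) => s.trim());
    if (k.toLowerCase() !== "domain" || v === "") continue;
    const d = v.replace(/^\./, "").toLowerCase();
    if (!domainMatch(host, d)) return null; // Domain does not cover the request host
    cookie.domain = d;
    cookie.hostOnly = false;
  }
  return cookie;
}
// Store cookies; the key optionally includes host-only-flag (the proposed change).
function buildStore(headers, requestHost, keyIncludesHostOnly) {
  const store = new Map();
  for (const h of headers) {
    const c = parseSetCookie(h, requestHost);
    if (!c) continue;
    const key = [c.name, c.domain, c.path];
    if (keyIncludesHostOnly) key.push(c.hostOnly);
    store.set(key.join("|"), c); // same key: the later cookie replaces the earlier
  }
  return store;
}
// Build the Cookie header value for a request host (section 5.4 domain checks only).
function cookieHeader(store, host) {
  return [...store.values()]
    .filter((c) => (c.hostOnly ? host === c.domain : domainMatch(host, c.domain)))
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}
```

With the three-part key the second header overwrites the first, so a subdomain request (for example the constructed host `www.contoso.com`) carries no cookie. With host-only-flag in the key both cookies survive and the `domain=contoso.com` one is still sent to subdomains, which matters when reasoning about which hosts can read or shadow a cookie.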

Member

mnot commented Jul 22, 2016

Discussed in Berlin; seems reasonable.
