You are viewing a plain text version of this content. The canonical link for it is here.

Posted to docs@httpd.apache.org by Matt Lewandowsky <ma...@iamcode.net> on 2006/06/13 03:19:01 UTC

[PATCH] mod/mod_usertrack.xml

I was reviewing the mod_usertrack docs and a few things jumped out at 
me as "this should be corrected". So, I took it upon myself to do so 
and the patch is attached.

Changes:

   - Note about "two-part top level domain" cookies (such as .co.uk) 
being invalid in most current browsers. As they fall into the "two-dot 
rule" of the Netscape cookie spec (.domain.com), it may not be obvious 
to someone who tries to set such a cookie why it is failing.

   - A note that current browsers only fully support Netscape cookies. 
While most browsers will accept a RFC2109 cookie, they tend to get 
converted into a Netscape cookie internally, anyway. As browsers catch 
up to the RFCs, this will have to be revisited.

   - An update to the CookieTracking directive to be "more correct" now 
that the world has embraced DSOs...

It may be nothing earth-shaking, but it does make me feel a tiny bit 
better about mod_usertrack. :)

Warmest,

--Matt

-- 
/*
  * Matt Lewandowsky    matt@iamcode.net
  * Random Geek         http://www.iamcode.net/
  * +1 (866) 606-9696   +44 (0) 844 484 8254
  */

Re: [PATCH] mod/mod_usertrack.xml

Posted by Matt Lewandowsky <ma...@iamcode.net>.

On Tue, 13 Jun 2006 10:19:34 +0100, From Noirin Plunkett:
> On Mon, Jun 12, 2006 at 06:19:01PM -0700, Matt Lewandowsky wrote:
>> I was reviewing the mod_usertrack docs and a few things jumped out at
>> me as "this should be corrected". So, I took it upon myself to do so
>> and the patch is attached.
>
> First off, thanks a mill for this! =)

If SVN cooperates with me, expect more in the future. I'm getting 
irritated by certain pages which seem to confuse people often. :)

> I'd prefer "will not allow cookies to be set", rather than "will
> disallow" -  if you want to keep disallow, you'll have to change the
> wording a little - "will disallow cookies from being [...]"

That phrasing is fine by me.

> I had to read this several times before I understood what it meant. It's
> definitely a useful piece of info to have in the docs, but perhaps we
> could rephrase it a bit. My patch is attached, let me know if it's any
> clearer, or if I've just been staring at this so long that I get it now =)

I've made a slight change to your wording, as I found almost the same 
flaw in your wording as was in mine. Hopefully, this is far clearer 
than what I started with. Thank you for your editing, here. :)

> I've also changed this to "At the time of writing" - if these docs don't
> get updated for another seven or eight years, at least then the reader
> has to dig back to see how old and crufty they are, rather than having
> it printed there before them =)

Fine by me, I just worry that the docs don't get updated for 7 or 8 
years and end-users start quoting this document as the reason they 
believe that browsers still don't support modern cookies. One can't 
expect J. Random User to go check version control to see when "the time 
of writing" was...

Anyhow, a new patch is attached. Practically the same as your last one. :)

--Matt

-- 
/*
  * Matt Lewandowsky    matt@iamcode.net
  * Random Geek         http://www.iamcode.net/
  * +1 (866) 606-9696   +44 (0) 844 484 8254
  */

Re: [PATCH] mod/mod_usertrack.xml

Posted by Noirin Plunkett <no...@apache.org>.

On Mon, Jun 12, 2006 at 06:19:01PM -0700, Matt Lewandowsky wrote:
> I was reviewing the mod_usertrack docs and a few things jumped out at 
> me as "this should be corrected". So, I took it upon myself to do so 
> and the patch is attached.

First off, thanks a mill for this! =)

> Changes:
> 
> Index: mod_usertrack.xml
> ===================================================================
> @@ -123,6 +123,16 @@
> +
> +    <note>
> +            <p>Most browsers in use today will disallow cookies to be set for
> +            a "two-part top level domain" such as <strong>.co.uk</strong>. This

I'd prefer "will not allow cookies to be set", rather than "will
disallow" -  if you want to keep disallow, you'll have to change the
wording a little - "will disallow cookies from being [...]"

> +            is because a two-part top level domain is equivalent to a top level
> +            domain such as <strong>.com</strong>. Allowing such cookies may be

I had to read this several times before I understood what it meant. It's
definitely a useful piece of info to have in the docs, but perhaps we
could rephrase it a bit. My patch is attached, let me know if it's any
clearer, or if I've just been staring at this so long that I get it now =)

> +    users' browsers. As of mid-2006, most browsers only fully support
> +    <code>CookieStyle Netscape</code>.</p>

I've also changed this to "At the time of writing" - if these docs don't
get updated for another seven or eight years, at least then the reader
has to dig back to see how old and crufty they are, rather than having
it printed there before them =)

Noirin