You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "Roy T. Fielding" <fi...@liege.ICS.UCI.EDU> on 1996/06/01 07:52:54 UTC

Re: apache week and cookies

> http://www.ukweb.com/support/apacheweek/96may24
> 
> "When a CGI program sends multiple cookie headers (Set-Cookie:), Apache 
>   merges them into one HTTP header. It does this with all headers of the 
>   same name, since this is a standard part of the HTTP specification. 
>   Unfortunately, the Netscape cookie specification does not allow
>   multiple cookies on one header, but does allow multiple Set-Cookie: 
>   headers. While this breaks the HTTP specification, Apache will probably
>   be updated in a future to send multiple cookies"
> 
> 
> Would multiple cookie headers break the HTTP spec?   I think not.

Nope -- the only thing that is broken is the Navigator implementation.
When it is standardized, the definition of Set-Cookie will change
to allow comma as a separator.

.....Roy