httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greg Marr" <gr...@alum.wpi.edu>
Subject Re: [PATCH] PR 18388 Set-Cookie header not honored on 304 (Not modified) status
Date Sat, 31 May 2003 21:40:33 GMT
>I found some time to look for existing discussions on this... 
> (should have done that earlier)...  It isn't valid to send 
>Set-Cookie on a 304.

>It is not valid to set a cookie in a 304 response.  Please see
>section 10.3.5 of RFC2616.  That is the reason Apache explictly
>lists headers that will be sent and why Set-Cookie isn't one of
>them."

I don't see how 10.3.5 says that Set-Cookie is invalid.  It says that 
entity headers aren't allowed, but Set-Cookie isn't listed under the 
Entity Header section.  (In fact, it isn't listed in the spec at all.)

I see that other people had the same thoughts in the first link.

Mime
View raw message