httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <>
Subject Re: Bug 18388: cookies
Date Tue, 31 Aug 2004 15:55:51 GMT
On Mon, 30 Aug 2004, Geoffrey Young wrote:

> [replying to my words - largely chopped]
> > Perhaps a better approach to 304 headers would be to explicitly
> > exclude entity headers as enumerated in rfc2616, rather than
> > explicitly include non-entity headers?  That means the default
> > for proprietary extensions (which HTTP explicitly permits) becomes
> > to allow them in a 304.
> fwiw, this was discussed a few times in the archives.  the one that comes to
> mind for me is this from doug:

That thread seems to be the same basic issue, but with reference to
RFC1945.  2616 includes additional explanation, and seems more clearly
to support the view that not only cookies but arbitrary unknown headers
(if any) should be allowed.

In the bug report 18388,  Ryan J Eberhard wrote:
	"It is also important to note that all other major web servers
	(IIS, iPlanet, and Domino) will return Set-Cookie headers on a
	304 status."
I'm in no position to confirm or deny that, but it tends to support the
proposition, and suggest that if it caused trouble in the Real World
then we could expect to know about it.

> personally, I tend to see it more from doug and nick's perspective and would
> be inclined to fix a long-standing issue that never made sense to me, but
> roy wrote the book and has unique insight here, so...

Hmm.  Would proposing it in STATUS for a vote be appropriate here?
I think if anyone wants to veto it, we should have a reason that
addresses Doug's and Ryan's arguments on the record.

Nick Kew

View raw message