tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <>
Subject Re: That Cookie thing
Date Mon, 01 Jul 2002 12:29:06 GMT

Optional. The Path attribute specifies the subset of URLs to which this 
cookie applies.

John Baker wrote:
> On Monday 01 July 2002 13:16, peter lin wrote:
>>that's the problem with assumptions :)
>>Actually I believe the W3C spec says the path will default to directory
>>the pages resides in. So that page /hello/greeting.jsp will have
>>"/hello" as the path.  Only files under "/hello" can read the cookie.
>>Atleast that's my understanding of how cookie path is supposed to be
>>set.  Some one correct me if I am wrong.
> Well a reliable source tells me that there is no w3c spec for Cookies, and 
> infact the concept was conjured by Netscape. There is an RFC spec for 
> Cookies, but it's largely ignored.
> So as the useful browsers out there ignore Cookie requests without a path, it 
> might be handy to add it by default so other people don't spend an hour or 
> two sitting there thinking "Why doesn't this work?". The current context path 
> would be handy, so the response code could look like this:
> public void addCookie(Cookie c)
> {
> 	// whatever
> 	if (c.getPath() == null)
> 		c.setPath(getContextPath());
> 	// etc
> }
> Just a thought :)
>>John Baker wrote:
>>>On Monday 01 July 2002 12:59, peter lin wrote:
>>>>if you want the cookies to be readable by all pages, you should set it
>>>>to "/".  That's standard practice. Also, if you have multiple webserver
>>>>with names like www1, www2, www3....., you should also set the cookie
>>>>to use
>>>I know this ;-) But I'd forgotten to put the / there, and assumed the
>>>browser would assume this if no / was passed to it. However they don't,
>>>so I was suggesting that if a Cookie has no path set then one should be
>>>written by default as a totally useless header is currently written in
>>>the form:
>>>Set-Cookie: someName=someValue; expires....
>>>and due to the lack of a path, every browser ignores it.

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message