tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject RE: rfc2109 and TC cookies
Date Fri, 16 Jun 2006 22:22:41 GMT
 

> -----Original Message-----
> From: Filip Hanik - Dev Lists [mailto:devlists@hanik.com] 
> Sent: Friday, June 16, 2006 2:50 PM
> To: Tomcat Developers List
> Subject: Re: rfc2109 and TC cookies
> 
> Jean-frederic Clere wrote:
> > Hi,
> >
> > I have been reading rfc2109 it gives an examples of cooky 
> like (as the 
> > spec's states):
> > +++
> > Cookie: $Version="1"; Part_Number="Rocket_Launcher_0001"; 
> $Path="/acme"
> > +++
> not sure where that syntax comes from, from what I read it looks
> 4.2.2 Set-Cookie Syntax
> 
> 
>    The syntax for the Set-Cookie response header is
> 
>    set-cookie      =       "Set-Cookie:" cookies
>    cookies         =       1#cookie
>    cookie          =       NAME "=" VALUE *(";" cookie-av)
>    NAME            =       attr
>    VALUE           =       value
>    cookie-av       =       "Comment" "=" value
>                    |       "Domain" "=" value
>                    |       "Max-Age" "=" value
>                    |       "Path" "=" value
>                    |       "Secure"
>                    |       "Version" "=" 1*DIGIT
> 
> without the "$"

Yes, Set-Cookie is like this.  It's the Cookie Header that has the $Path in
it.  Most browsers don't bother to send the $Path with the Cookie Header,
but Tomcat would handle it correctly if one did.  

> >
> > But TC sends:
> > +++
> > jfclere@jfcexpert:~/apache-tomcat-5.5.15$ telnet localhost 8080
> > Trying 127.0.0.1...
> > Connected to localhost.
> > Escape character is '^]'.
> > GET /servlets-examples/servlet/SessionExample HTTP/1.1
> > Host: localhost
> >
> > HTTP/1.1 200 OK
> > Server: Apache-Coyote/1.1
> > Set-Cookie: JSESSIONID=7C9C55FDF8C059730F723F1BB6A4DCEE; 
> > Path=/servlets-examples
> > Content-Type: text/html;charset=ISO-8859-1
> > Content-Length: 1272
> > Date: Fri, 16 Jun 2006 21:09:13 GMT
> >
> > <html>
> > +++
> >
> > Are both Path and $Path correct?
> see above, correct is Path
> > BTW: In mod_jk it seems we ignore Path, is that correct?
> mod_jk only reads the cookie, the Path is something that the browser 
> looks at to decide whether to send the cookie to the server or not
> > The idea behind is to understand how to process something like:
> > JSESSIONID=bli; Path=/a/b
> > JSESSIONID=bla; Path=/a
> I think the cookie name is unique, you can't have two cookies 
> with the 
> same name
> >
> >
> > Cheers
> >
> > Jean-Frederic
> Filip
> 
> >
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: dev-help@tomcat.apache.org
> >
> >
> 
> 
> -- 
> 
> 
> Filip Hanik
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
> 
> 
> 



This message is intended only for the use of the person(s) listed above as the intended recipient(s),
and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are not an intended
recipient, you may not read, copy, or distribute this message or any attachment. If you received
this communication in error, please notify us immediately by e-mail and then delete all copies
of this message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet
is not secure. Do not send confidential or sensitive information, such as social security
numbers, account numbers, personal identification numbers and passwords, to us via ordinary
(unencrypted) e-mail.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message