[Catalyst] warning
Octavian Rasnita
orasnita at gmail.com
Thu Jan 24 06:54:08 GMT 2008
From: "Jason Kohles" <email at jasonkohles.com>
> From RFC2109 (HTTP State Management Mechanism)
>
> Domain=domain
> Optional. The Domain attribute specifies the domain for which the
> cookie is valid. An explicitly specified domain must always start
> with a dot.
>
> Note the 'Optional', the spec does not require the cookie to specify a
> domain.
Ok, thank you. It seems that the domain specification is not required and I
think Firefox respects the RFCs, but is that RFC still valid?
I am asking this because I've seen that it doesn't say anything about the
"expires" attribute but about "Max-Age" and it also says that the domain
must begin with a dot, which is not correct. The cookie is set even if the
full domain is given, without starting it with a dot.
I hope I will be able to test why Firefox isn't working. Our client told
that it used to work last year and now it is not working. The only change
I've made was to remove the domain specification from the cookie, for making
it work with more domain names.
Now I put it to set the cookie_domain in Root.pm and he says that the login
is working again so I assumed that the domain is important for Firefox.
Octavian
More information about the Catalyst
mailing list