Is order matter in Cookies?

Discussion in 'ASP .Net' started by jacksu, Jul 21, 2006.

  1. jacksu

    jacksu Guest

    I have one application in two servers, two servers returns the same
    cookie but with some elmenet in different order,

    Set-cookie: a=abc; Path=/; Domain=.abc.com; Secure

    another one is
    Set-cookie: a=abc; Secure; Path=/ ;Domain=.abc.com

    the later one will not be included in the Cookie list in the later
    request. Does anyone knows whether the order of "secure" matter?

    Thanks.

    Here is the definition copied from RFC 2109.

    set-cookie = "Set-Cookie:" cookies
    cookies = 1#cookie
    cookie = NAME "=" VALUE *(";" cookie-av)
    NAME = attr
    VALUE = value
    cookie-av = "Comment" "=" value
    | "Domain" "=" value
    | "Max-Age" "=" value
    | "Path" "=" value
    | "Secure"
    | "Version" "=" 1*DIGIT
    jacksu, Jul 21, 2006
    #1
    1. Advertising

  2. The "standard" order is :
    Set-Cookie: NAME=VALUE; expires=DATE;
    path=PATH; domain=DOMAIN_NAME; secure

    If you don't set an expires date, the cookie doesn't persist.

    Why are you setting cookies like that, instead of using Response.Cookies ?




    Juan T. Llibre, asp.net MVP
    aspnetfaq.com : http://www.aspnetfaq.com/
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en español : http://asp.net.do/foros/
    ===================================
    "jacksu" <> wrote in message
    news:...
    >I have one application in two servers, two servers returns the same
    > cookie but with some elmenet in different order,
    >
    > Set-cookie: a=abc; Path=/; Domain=.abc.com; Secure
    >
    > another one is
    > Set-cookie: a=abc; Secure; Path=/ ;Domain=.abc.com
    >
    > the later one will not be included in the Cookie list in the later
    > request. Does anyone knows whether the order of "secure" matter?
    >
    > Thanks.
    >
    > Here is the definition copied from RFC 2109.
    >
    > set-cookie = "Set-Cookie:" cookies
    > cookies = 1#cookie
    > cookie = NAME "=" VALUE *(";" cookie-av)
    > NAME = attr
    > VALUE = value
    > cookie-av = "Comment" "=" value
    > | "Domain" "=" value
    > | "Max-Age" "=" value
    > | "Path" "=" value
    > | "Secure"
    > | "Version" "=" 1*DIGIT
    >
    Juan T. Llibre, Jul 21, 2006
    #2
    1. Advertising

  3. jacksu

    jacksu Guest

    It is not persistant cookie. We just used in the same session.

    The questions is that if we put secure in the middle of cookie, then it
    will not sent out by some software, like HttpUnit, but could be handled
    by some browsers like IE and firefox.

    Any suggestion?

    Thanks.

    Juan T. Llibre wrote:
    > The "standard" order is :
    > Set-Cookie: NAME=VALUE; expires=DATE;
    > path=PATH; domain=DOMAIN_NAME; secure
    >
    > If you don't set an expires date, the cookie doesn't persist.
    >
    > Why are you setting cookies like that, instead of using Response.Cookies ?
    >
    >
    >
    >
    > Juan T. Llibre, asp.net MVP
    > aspnetfaq.com : http://www.aspnetfaq.com/
    > asp.net faq : http://asp.net.do/faq/
    > foros de asp.net, en español : http://asp.net.do/foros/
    > ===================================
    > "jacksu" <> wrote in message
    > news:...
    > >I have one application in two servers, two servers returns the same
    > > cookie but with some elmenet in different order,
    > >
    > > Set-cookie: a=abc; Path=/; Domain=.abc.com; Secure
    > >
    > > another one is
    > > Set-cookie: a=abc; Secure; Path=/ ;Domain=.abc.com
    > >
    > > the later one will not be included in the Cookie list in the later
    > > request. Does anyone knows whether the order of "secure" matter?
    > >
    > > Thanks.
    > >
    > > Here is the definition copied from RFC 2109.
    > >
    > > set-cookie = "Set-Cookie:" cookies
    > > cookies = 1#cookie
    > > cookie = NAME "=" VALUE *(";" cookie-av)
    > > NAME = attr
    > > VALUE = value
    > > cookie-av = "Comment" "=" value
    > > | "Domain" "=" value
    > > | "Max-Age" "=" value
    > > | "Path" "=" value
    > > | "Secure"
    > > | "Version" "=" 1*DIGIT
    > >
    jacksu, Jul 21, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. SpaceCowboy
    Replies:
    6
    Views:
    528
    SpaceCowboy
    Aug 14, 2003
  2. Christian Riedel
    Replies:
    0
    Views:
    368
    Christian Riedel
    Sep 12, 2003
  3. hilz
    Replies:
    1
    Views:
    513
    Richard Tobin
    Jan 18, 2006
  4. =?Utf-8?B?dGhlIGZyaWVuZGx5IGRpc3BsYXkgbmFtZQ==?=

    Cookies will get deleted, no matter what

    =?Utf-8?B?dGhlIGZyaWVuZGx5IGRpc3BsYXkgbmFtZQ==?=, Apr 28, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    466
    =?Utf-8?B?dGhlIGZyaWVuZGx5IGRpc3BsYXkgbmFtZQ==?=
    Apr 28, 2006
  5. _Who
    Replies:
    7
    Views:
    2,656
Loading...

Share This Page