Apache-SecSess
2 results

 view release on metacpan or  search on metacpan

rfc/rfc2109.txt  view on Meta::CPAN 

      origin server chooses to send, possibly in a server-selected
      printable ASCII encoding.  "Opaque" implies that the content is of
      interest and relevance only to the origin server.  The content
      may, in fact, be readable by anyone that examines the Set-Cookie
      header.

   Comment=comment
      Optional.  Because cookies can contain private information about a
      user, the Cookie attribute allows an origin server to document its
      intended use of a cookie.  The user can inspect the information to
      decide whether to initiate or continue a session with this cookie.

   Domain=domain
      Optional.  The Domain attribute specifies the domain for which the
      cookie is valid.  An explicitly specified domain must always start
      with a dot.

   Max-Age=delta-seconds
      Optional.  The Max-Age attribute defines the lifetime of the
      cookie, in seconds.  The delta-seconds value is a decimal non-
      negative integer.  After delta-seconds seconds elapse, the client

rfc/rfc2109.txt  view on Meta::CPAN 

        Domain attribute.

   Such control could be provided by, for example, mechanisms

      * to notify the user when the user agent is about to send a cookie
        to the origin server, offering the option not to begin a session.

      * to display a visual indication that a stateful session is in
        progress.

      * to let the user decide which cookies, if any, should be saved
        when the user concludes a window or user agent session.

      * to let the user examine the contents of a cookie at any time.

   A user agent usually begins execution with no remembered state
   information.  It should be possible to configure a user agent never
   to send Cookie headers, in which case it can never sustain state with

rfc/rfc2965.txt  view on Meta::CPAN 


Kristol & Montulli          Standards Track                     [Page 5]

RFC 2965            HTTP State Management Mechanism         October 2000


   Comment=value
      OPTIONAL.  Because cookies can be used to derive or store private
      information about a user, the value of the Comment attribute
      allows an origin server to document how it intends to use the
      cookie.  The user can inspect the information to decide whether to
      initiate or continue a session with this cookie.  Characters in
      value MUST be in UTF-8 encoding. [RFC2279]

   CommentURL="http_URL"
      OPTIONAL.  Because cookies can be used to derive or store private
      information about a user, the CommentURL attribute allows an
      origin server to document how it intends to use the cookie.  The
      user can inspect the information identified by the URL to decide
      whether to initiate or continue a session with this cookie.

   Discard
      OPTIONAL.  The Discard attribute instructs the user agent to
      discard the cookie unconditionally when the user agent terminates.

   Domain=value
      OPTIONAL.  The value of the Domain attribute specifies the domain
      for which the cookie is valid.  If an explicitly specified value
      does not start with a dot, the user agent supplies a leading dot.

rfc/rfc2965.txt  view on Meta::CPAN 

   user agent SHOULD store that information in a human-readable form
   with the cookie and SHOULD display the comment text as part of a
   cookie inspection user interface.

   If a Set-Cookie2 response header includes a CommentURL attribute, the
   user agent SHOULD store that information in a human-readable form
   with the cookie, or, preferably, SHOULD allow the user to follow the
   http_URL link as part of a cookie inspection user interface.

   The cookie inspection user interface may include a facility whereby a
   user can decide, at the time the user agent receives the Set-Cookie2
   response header, whether or not to accept the cookie.  A potentially
   confusing situation could arise if the following sequence occurs:

      *  the user agent receives a cookie that contains a CommentURL
         attribute;

      *  the user agent's cookie inspection interface is configured so
         that it presents a dialog to the user before the user agent
         accepts the cookie;

rfc/rfc2965.txt  view on Meta::CPAN 


   Such control could be provided, for example, by mechanisms

      *  to notify the user when the user agent is about to send a
         cookie to the origin server, to offer the option not to begin a
         session.

      * to display a visual indication that a stateful session is in
         progress.

      * to let the user decide which cookies, if any, should be saved
         when the user concludes a window or user agent session.

      * to let the user examine and delete the contents of a cookie at
         any time.

   A user agent usually begins execution with no remembered state
   information.  It SHOULD be possible to configure a user agent never
   to send Cookie headers, in which case it can never sustain state with
   an origin server.  (The user agent would then behave like one that is
   unaware of how to handle Set-Cookie2 response headers.)



( run in 2.407 seconds using v1.01-cache-2.11-cpan-de7293f3b23 )