[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV bad query (egghead website)
From: |
Foteos Macrides |
Subject: |
Re: LYNX-DEV bad query (egghead website) |
Date: |
Fri, 27 Jun 1997 21:02:13 -0500 (EST) |
Laura Eaves <address@hidden> wrote:
>> Date: Thu, 26 Jun 1997 18:04:44 -0500 (EST)
>> From: Foteos Macrides <address@hidden>
>>...
>> I had coded Lynx redundantly to block cookie sharing based
>> on either a port restriction or on a secure restricion, so that
>> they eventually could be made independent, and both configureable,
>> and raised this problem in the HTTP-WG. The spec is going to be
>> changed so that is also supports a port attribute. So the server
>> can send either a "secure" or "port" field (or both) with the
>> cookie, to regulate those restrictions independently, and the
>> user similarly could configure them each ON or OFF by default,
>> and modify them via the Cookie Jar Page. But that's all in the
>> future.
>
>Does this mean that sites like egghead won't be usable
>until this is resolved?
Any site which expects cookie sharing between http and https
servers will not get the full complement of non-encrypted and encrypted
cookies sent to both servers. If you want to lift the port/secure
restrictions, it's a simple mod I'm sure you can do yourself in
LYCookie.c. I don't plan to lift those restrictions in the fotemods
code until they can also be configured, and modified at will via the
Cookie Jar Page, which is a much bigger job than just getting rid of
the restrictions. I've been working for three weeks now on integrating
the EXP_CHARTRANS stuff with the fotmods code, and don't want to change
gears (except for bugs or security holes) until that's done.
Fote
=========================================================================
Foteos Macrides Worcester Foundation for Biomedical Research
address@hidden 222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- LYNX-DEV bad query (egghead website), Laura Eaves, 1997/06/25
- Re: LYNX-DEV bad query (egghead website), Laura Eaves, 1997/06/25
- Re: LYNX-DEV bad query (egghead website), Laura Eaves, 1997/06/25
- Re: LYNX-DEV bad query (egghead website), Laura Eaves, 1997/06/26
- Re: LYNX-DEV bad query (egghead website), Foteos Macrides, 1997/06/26
- Re: LYNX-DEV bad query (egghead website), Laura Eaves, 1997/06/27
- Re: LYNX-DEV bad query (egghead website),
Foteos Macrides <=
- Re: LYNX-DEV bad query (egghead website), leaves, 1997/06/28