[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev Invalid cookies

From: ptr
Subject: lynx-dev Invalid cookies
Date: Fri, 8 Nov 2002 04:51:40 -0800

on Thu, 7 Nov 2002 00:05:13 -0500 "Philip Webb" <address@hidden>
>since LP has been amusing himself cleaning up Lynx code,
>here's another bug which has long been waiting to be squished:

It is an irritant, but there is a workaround:
Short answer:  use COOKIE_STRICT_INVALID_DOMAINS instead of LOOSE,
if you want to reject the cookie.  Read on for the ugly details.
>020315 Walter Ian Kaye wrote:
>> What makes a cookie invalid? How can this be fixed/prevented?
>> (And what difference does it make if it's "invalid" anyway?)

The two reasons that I see old lynx (sigh) give are invalid
path and invalid domain.

There's a listing for a bug fixed in 2.8.4dev.21 that is causing
a "invalid cookie path" message.

The "invalid cookie domain" message is not a bug, as far as I've seen. is not allowed to set a cookie with .two.ogv as
its domain.  From RFC2965's list of reasons to reject:
      *  The request-host is a HDN (not IP address) and has the form HD,
         where D is the value of the Domain attribute, and H is a string
         that contains one or more dots.

>PW again: that's not the issue: if you say you NEVER want a cookie,
>you shouldn't be asked again by Lynx if you want to accept an invalid one.

Can't argue with that.

I'm running 2.8.3, so I will continue to be irritated, regardless. 
Peter G.

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]