PATCH: Cookies for fully-qualified subdomains

Dawit A. adawit at
Tue Dec 2 06:51:55 GMT 2003

On Tuesday 02 December 2003 01:25, John Firebaugh wrote:
> This patch fixes the following:
> dcop kcookiejar kcookiejar addCookies '' \
>    'Set-Cookie: FOO=bar;' 100

This is illegal. '' is not allowed to set a cookie for any of its 
sub domains! Even subdomains are only allowed to set cookie for their 
immediate top-level domain, i.e. '' can set cookie for 
'', but not for ''. So as not to completely discard such 
invalid cookies, the cookiejar will accept the above cookie, but it will 
compeltely ignore the "domain=" parameter. This means the cookie will only be 
sent to the actual host ( that set it in the first place.

> dcop kcookiejar kcookiejar findCookies '' 100
> -> Cookie: FOO=bar


> dcop kcookiejar kcookiejar findCookies '' 100
> -> Nothing

This is the correct behvaior for the reason explained above...

Dawit A.
"Preach what you practice, practice what you preach"

More information about the kde-core-devel mailing list