Re: cookies - nothing new

[oliver () LINEHAM CO NZ (Oliver Lineham)]

On Mon Feb 07 2000 17:11:13 you wrote:

> Amazing what a simple search engine can reveal.
> http://homepages.paradise.net.nz/~glineham/cookiemonster.html
> > More info used to be here:
> >  <http://www.paradise.net.nz/~glineham/cookiemonster.html>
> > Does anyone know where it went?

Yes, it moved from www.paradise to homepages.paradise.  I must apologise
for the inconvenience, it is free space from my ISP (I didn't have better
hosting available at the time).

Firstly, the page: the working demo (or browser test) no longer works since
the two CGI scripts are no longer being hosted. To get the demo going again
I need to find CGI hosting on two servers:
* hosted on country domains (like .au, .nz, .ca etc)
* with the same second level but different third level (eg. companya.co.nz
and companyb.co.nz, but not someone.org.nz)
Which should be obvious if you understand the cookie bug described on the
advisory page.

Secondly, with regards to the bug itself.  As discussed on the page, bug
arises from browsers not correctly implementing the Netscape or RFC specs.

However (as discussion here has touched on) the specs themselves are flawed
in making assumptions about domains that aren't in a predefined list (like
.com, .net).  What about new domains like .web?  What about countries that
don't have their own sub-classifications, such as companyname.de?

Also, Mozilla appear to have decided NOT TO FIX the cookie bug because they
don't want to break Yahoo Mail (who are setting illegal cookies). You can
make your own judgements about the wisdom in this decision.

Very interesting links people here might want to read:
http://bugzilla.mozilla.org/show_bug.cgi?id=9422
http://bugzilla.mozilla.org/show_bug.cgi?id=8743

Regards,

Oliver.

____________________________________________________
     v i b e   m e d i a    http://www.vibe.co.nz/
   wellington, new zealand    oliver () lineham co nz
ph +644 566-0627  mb +6421 2107845  fx +644 570-1900