Wt

It returs "/hello.cgi" for me. It should return "/".

I'm using apache (2.2.22) with mod-fcgid 2.3.6.

Kurt

Hey Kurt,

"/hello.cgi" sounds right if your application is deployed at "/hello.cgi". Only requests that arrive at "/hello.cgi..." should have the cookie ?

Regards,

koen

Koen Deforche wrote:

Hey Kurt,

"/hello.cgi" sounds right if your application is deployed at "/hello.cgi". Only requests that arrive at "/hello.cgi..." should have the cookie ?

That's not what the RFC about cookies says, or how browsers interpret it. It should point to "/", not "/hello.cgi".

Hey Kurt,

Where do you read that ?

In RFC2965 I read: For two strings that represent paths, P1 and P2, P1 path-matches P2

if P2 is a prefix of P1 (including the case where P1 and P2 string-

compare equal). Thus, the string /tec/waldo path-matches /tec.

So, also /tec patch-matches /tec and thus what Wt does seems correct ?

Regards,

koen

After re-reading things, I'd have to agree that it's correct.

The last RFC is 6265, and it reads:

A request-path path-matches a given cookie-path if at least one of

the following conditions holds:

o The cookie-path and the request-path are identical.

[...]

It's only the default path in case there was cookie path that should be set to "/".

So feel free to close this.