I am trying to set a session cookie limited to a certain path (e.g. /foo) when a user logs in. The complication is that the login page is on /, but the request is immediately redirected to /foo/something. Something like that:
/foo
/
/foo/something
Inquiry:
POST / HTTP/1.1 username=foo&password=bar
Answer:
HTTP/1.0 302 Found Location: http://example.com/foo/home Set-Cookie: session=whatever; path=/foo
However, the corresponding RFC bits I could find ( rfc2109 and rfc2965 ):
To prevent potential breaches of security or privacy, the user agent rejects the cookie (does not save its information) if any of the following is true:The value for the Path attribute is not a prefix of the request-URI....
To prevent potential breaches of security or privacy, the user agent rejects the cookie (does not save its information) if any of the following is true:
...
cookie, , , , , RFC , .
, , .
RFC?
!
RFC; .
IETF, cookie; , , .
: http://datatracker.ietf.org/doc/draft-ietf-httpstate-cookie/
, , !
, , RFC . , cookie '/foo/home'. , : " '/foo/home', '/'?"
(), '/' '/foo/home', , Location.
, : URL- , ? '/foo', POST '/foo/login' '/' ?
Source: https://habr.com/ru/post/1730008/More articles:IPhone Playing Sound on the Phone - iosWeb Search API for 25000-50000 Records - javaC # creating a hash table of fixed size - hashtableIs it possible to introduce a loop into an array without specifying how large the array is in C #? - arraysOnly MasterPage cache in ASP.NET MVC - cachingВключение файла PDF в файл PDF, созданный FOP - phpCan CouchDB significantly benefit from using BERT instead of JSON? - jsonWPF и активные объекты - wpfHow to change GMarker color in Google Maps? - google-mapsHow to create a MobileSubstrate plugin for iPhone? - iphoneAll Articles