Can someone tell me the source code of Firefox where the Set-Cookie header is parsed? I want to understand the exact behavior.
Read on if you want to know why? For various limitations in my application, I need to pass multiple cookies inside the same Set-Cookie header. RFC-2109 clearly mentions
The "Set-Cookie" response header contains a Set-Cookie: marker followed by a comma-separated list of one or more cookies. Each cookie begins with a pair NAME = VALUE, followed by zero or more comma-separated attribute-value pairs . "
So, I should be able to pass the next Set-Cookie header
Set-Cookie: name1 = value1; attr11 = attrval11; attr12 = attrval12, name2 = value2; attr21 = attrval21; attr22 = attrval22;
This does not work. However, following the work
Set-Cookie: name1 = value1, name2 = value2; attr1 = attrval1; attr2 = attrval2;
And I want to give different attributes for different cookies.
[Update]
Real examples:
Example # 1 -
Set-Cookie: cookie1 = value1; Path = /, Cookie2 = value2; Path = /
In this case, firefox parses and receives the first cookie (whose name is cookie1 and the value is value1) from it (the second is completely ignored)
Example # 2 -
Set-Cookie: cookie1 = value1, cookie2 = value2; Path = /
In this case, firefox considers that there is one cookie whose name is "cookie1" and the value is "value1, cookie2 = value2". This, again, is not what was intended.