I am aware of the recommendations in RFC 2965 (and in RFC 2109), but
it's an unfortunate fact that many web sites don't follow these RFCs.
They happily send out responses like this
HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Wed, 23 Oct 2002 19:51:34 GMT
Content-type: text/html
Set-cookie: NETSCAPE_LIVEWIRE_ID=66DFAF097771AD7C8BF3F45EA37798450022B5D4; path=/MinSide
Content-length: 21283
Connection: keep-alive
containing _private_ information for the client.... We need to adapt
to this imperfection by never caching a text object having a
Set-Cookie or Set-Cookie2 field.
Is this possible?
Bjørn
Received on Wed Oct 23 2002 - 15:18:43 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:53 MST