Menu
Is it possible to place a wildcard infront of the "path" parameter in a HTTP Set-Cookie request?
example:
Set-Cookie: SSID=foo; Domain=.foo.com; Path=/*/Stuff; Secure; HttpOnly 
287
In your Java server, you should call cookie. setPath("/") before adding it to response. Such cookie will match all request URIs.
The Set-Cookie HTTP response header is used to send a cookie from the server to the user agent, so that the user agent can send it back to the server later. To send multiple cookies, multiple Set-Cookie headers should be sent in the same response.
For those who didn't know, cookies are only accessible to the specified path and any subpaths, no superpaths. So cookies for the path "/folder/subfolder1/" are not accessible to "/folder/".
Check RFC 6265 HTTP State Management Mechanism, 5.1.4. Paths and Path-Match:
A request-path path-matches a given cookie-path if at least one of the following conditions holds: o The cookie-path and the request-path are identical. o The cookie-path is a prefix of the request-path, and the last character of the cookie-path is %x2F ("/"). o The cookie-path is a prefix of the request-path, and the first character of the request-path that is not included in the cookie- path is a %x2F ("/") character. It does not mention any wildcard handling, so it's not possible to use wildcards in the path.
87
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
