Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Set-Cookie: Wildcard "Path"

Tags:

http

cookies

Is it possible to place a wildcard infront of the "path" parameter in a HTTP Set-Cookie request?

example:

Set-Cookie: SSID=foo; Domain=.foo.com; Path=/*/Stuff; Secure; HttpOnly 
like image 287
Trevor Avatar asked Nov 04 '11 18:11

Trevor


People also ask

How do I set cookies to all path?

In your Java server, you should call cookie. setPath("/") before adding it to response. Such cookie will match all request URIs.

What is set-cookie path?

The Set-Cookie HTTP response header is used to send a cookie from the server to the user agent, so that the user agent can send it back to the server later. To send multiple cookies, multiple Set-Cookie headers should be sent in the same response.

Are cookies path specific?

For those who didn't know, cookies are only accessible to the specified path and any subpaths, no superpaths. So cookies for the path "/folder/subfolder1/" are not accessible to "/folder/".


1 Answers

Check RFC 6265 HTTP State Management Mechanism, 5.1.4. Paths and Path-Match:

 A request-path path-matches a given cookie-path if at least one of    the following conditions holds:     o  The cookie-path and the request-path are identical.     o  The cookie-path is a prefix of the request-path, and the last       character of the cookie-path is %x2F ("/").     o  The cookie-path is a prefix of the request-path, and the first       character of the request-path that is not included in the cookie-       path is a %x2F ("/") character. 

It does not mention any wildcard handling, so it's not possible to use wildcards in the path.

like image 87
palacsint Avatar answered Sep 18 '22 23:09

palacsint