[AWS] Cookie Max-Age spec violation

Maciej Sobczak prog at msobczak.com
Sun Nov 18 00:47:35 CET 2012


Hi all,

AWS uses Duration as the type for the Max-Age attribute for cookies.
This attribute is then formatted with the fraction part, so that for 
example a one-hour cookie has the attribute set as:

...; Max-Age: 3600.00; ...

The problem is that according to this:

http://tools.ietf.org/html/rfc6265

the Max-Age attribute does not allow non-digits (and therefore no 
fractions) and according to this RFC (5.2.2) such a violation must lead to 
ignoring the whole cookie.

How did I find this out? The Opera browser behaves exactly this way.

Solution: change the type of the Max_Age parameter in all relevant 
subprograms in aws-cookies.ad[sb] to Natural and use an appropriate 
formatting routine. The kosher version of the above example is:

...; Max-Age: 3600; ...

Regards,

-- 
Maciej Sobczak * www.msobczak.com * www.inspirel.com
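
As an added example (not part of the original post and not AWS code), this Python check tests Max-Age values in Set-Cookie headers against the two RFC 6265 grammars, section 4.1.1 for servers and section 5.2.2 for user agents, and renders a duration as digits only. The function names and the sample headers are assumptions constructed for illustration.

```python
import re

# RFC 6265 section 4.1.1 (what a server should send):
#   max-age-av = "Max-Age=" non-zero-digit *DIGIT
SERVER_GRAMMAR = re.compile(r"[1-9][0-9]*")
# RFC 6265 section 5.2.2 (what a user agent parses):
#   first character DIGIT or "-", remainder DIGIT only
UA_GRAMMAR = re.compile(r"[-0-9][0-9]*")

def max_age_values(set_cookie):
    """Return the raw Max-Age values found in one Set-Cookie header value."""
    values = []
    # The first ';'-separated piece is name=value; the rest are attributes.
    for attr in set_cookie.split(";")[1:]:
        name, sep, value = attr.partition("=")
        if sep and name.strip().lower() == "max-age":
            values.append(value.strip())
    return values

def check_max_age(value):
    """Classify one Max-Age value against both grammars."""
    return {
        "server_conformant": bool(SERVER_GRAMMAR.fullmatch(value)),
        "ua_parsable": bool(UA_GRAMMAR.fullmatch(value)),
    }

def format_max_age(seconds):
    """Render a duration in seconds as a digits-only value (fraction dropped)."""
    whole = int(seconds)
    if whole < 1:
        raise ValueError("a server-sent Max-Age must be a positive integer")
    return str(whole)

def lint(headers):
    """Return (header, value) pairs whose Max-Age a 5.2.2 parser rejects."""
    return [(h, v) for h in headers for v in max_age_values(h)
            if not check_max_age(v)["ua_parsable"]]

# Constructed sample headers (not captured from a real server).
SAMPLES = [
    "sid=abc; Max-Age=3600.00; Path=/",
    "sid=abc; Max-Age=3600; Path=/",
    "sid=abc; max-age=0",
    "sid=abc; Max-Age=-1; Secure",
]

if __name__ == "__main__":
    for header, value in lint(SAMPLES):
        print("non-digit Max-Age:", value, "in", header)
```

Values such as 0 and -1 pass the user-agent parsing steps but fall outside the stricter server grammar, which is why the check reports the two results separately.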

