cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: multiple session cookie handling

From: Roth, Kevin P. <KPRoth_at_MarathonOil.com>
Date: Thu, 21 Jun 2001 08:11:59 -0400

The more "traditional" approach to setting a session cookie is simply to
not set an expiration date for the cookie. Without a specific date, most
browsers treat a cookie as temporary and get rid of it when the
"user-agent" (aka browser) is terminated.

A sample of a permanent cookie:
 Set-Cookie: name=value; expires=Tue, 01-Jan-2002 05:00:00 GMT; path=/

And of a temporary cookie:
 Set-Cookie: name=value; path=/

--Kevin

-----Original Message-----
> I'm a bit confused. How does a server send a "session-only" cookie?
> Aren't all cookies supposed to be the permanent kind?

Quoting from RFC2965, section 3.2.2:

 Discard
      OPTIONAL. The Discard attribute instructs the user agent to
      discard the cookie unconditionally when the user agent terminates.

(So, even though we don't support that standard, this is possible.)
Received on 2001-06-21