Closed
Bug 469678
Opened 16 years ago
Closed 5 years ago
Default Cookie Path includes trailing slash
Categories
(Core :: Networking: Cookies, defect, P3)
Tracking
()
RESOLVED
INVALID
People
(Reporter: dieter, Unassigned)
Details
(Whiteboard: [necko-backlog])
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_5; en-us) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/525.27.1 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4 Per RFC 2109 the default path of a cookie when set by Set-Cookie is: Defaults to the path of the request URL that generated the Set-Cookie response, up to, but not including, the right-most /. Firefox includes the right-most slash. In our application it broke compatibility with other browsers. The workaround for application developers is easy: set an explicit cookie path. Unfotunately for end-users there is no work around. RFC 2965 changes this behaviour but that is for the Set-Cookie2 header. Reproducible: Always Steps to Reproduce: 1. get a cookie from a URL that is like /foo/bar. Do not set an explicit path. Actual Results: /foo/ will be set as cookie path. Expected Results: /foo should be set as path http://tools.ietf.org/html/rfc2109 http://tools.ietf.org/html/rfc2965
Updated•16 years ago
|
Component: General → Networking: Cookies
Product: Firefox → Core
QA Contact: general → networking.cookies
Updated•8 years ago
|
Whiteboard: [necko-backlog]
Comment 1•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Comment 2•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Comment 3•5 years ago
|
||
https://wpt.fyi/results/cookies/http-state/path-tests.html?label=master&product=chrome%5Bexperimental%5D&product=edge&product=firefox%5Bexperimental%5D&product=safari%5Bexperimental%5D&aligned
We fail several path tests, but we are in sync with the other browsers. For web-compact reasons I don't think we should change the current behavior. Let's close this bug as invalid.
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → INVALID
It seems like the latest firefox release (69.0) removes the trailing slash, where before it was present. This seems to cause problems when reading/writing cookie values, due to the path not matching.
If changed were applied, it should be noted in the release notes.
You need to log in
before you can comment on or make changes to this bug.
Description
•