On Mon, 13 Jan 2003, Michael Wyraz wrote:
> Date: Mon, 13 Jan 2003 16:00:45 +0100 > From: Michael Wyraz <[EMAIL PROTECTED]> > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]> > To: Tomcat Developers List <[EMAIL PROTECTED]> > Subject: Re: Strange Cookie behavior with ie 6 and subdomains > > Hi! > > I did the test: > mozilla returns only one session-id per domain. > ie returns both: the id of the parent domain and the new one. > > So it's not a browser bug. It's a tomcat bug ;-) > I think tomcat (HttpProcessor.java?) has to be modified to > check all of the session-ids returnd from the browser to find the > right one. > The cookie spec (RFC 2109) says that if a browser has two cookies with the same name and overlapping domains like this, they need to send the most specific one first (i.e. the session cookie for test.mydomain.com before the cookie for mydomain.com). Tomcat relies on this behavior to get the correct session id -- if the browser doesn't behave this way, the browser is broken. > My personal workaround (until the bug is fixed) is to move the content from >mydomain.com > to www.mydomain.com. so the cookie does not conflict with the cookie > from test.mydomain.com. > > Could one please add this bug to the bug database since i don't have an > account there? > You can make your own account if you need to submit a but. > Thanks a lot. > Michael. Craig -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
