In the javadocs, Cookie.setDomain() says: The form of the domain name is specified by RFC 2109.
Where RFC 2109 says:
Domain=domain
Optional. The Domain attribute specifies the domain for which the
cookie is valid. An explicitly specified domain must always start
with a dot.And the code for setDomain() - for tomcat 4,5:
public void setDomain(String pattern) {
domain = pattern.toLowerCase(); // IE allegedly needs this
}Shouldn't an exception be thrown since the incoming domain is not RFC 2109 compliant? But that may break a lot of code. (including mine) I discovered this accidently when HttpClient yelled at me when my webserver was passing bad domains back.
-Tim
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
