Single domain and multiple cookies

Well, my first question would be...why so many cookies?

 

 

If we take a look at what information is being stored in the cookies, how it's being used, and why it's necessary...we might be able to come up with a way to condense the usage a bit.

 

 

-Colin

Actually, I will add in that yes, this is totally feasible. Here is the approach that you could take.

 

 

If the client doesn't have your KEY cookie, then on the initial response generate a unique key (you could use AES::key for this). Then take all the cookies and put them in the session table under the key you generated. Then remove all the cookies and add the KEY cookie.

 

 

Then on subsequent requests, look up the session table using the value of the KEY cookie and add all the cookies stored there. The real tricky part would be that you will have to make sure the cookies are updated on subsequent responses (for example, the server adds another new cookie). I would maybe suggest using a Tcl array to store the cookies before putting them into the session table (the session table stores a Tcl object, so it can actually store the array too). This would make it easier to update the cookies as further requests happen.

 

 

This would be an awesome rule and we look forward to seeing it!!!

The reason why they want this construction is that multiple application are seated behind one url. Every application has its own cookie and need to be persistance on that cookie. The application number will exceed the 20 and therefore more than 20 cookies can be stored in one session. Since the RFC only states that a client need to be able to store 20 cookies we are looking for a way to present one cookie to the client and preserve the cookies from the server.