It is the path part of a URL. The HTML Cookie specification defines it, and this is AuthCookie's way of letting you set it.
If the request domain + path doesn't match those set in the cookie, then the browser won't send the cookie to the server. When using cookies for non-auth purposes, there are lots of cases where you would want something more specific than / (to set a preference specific to an add at some.web.site/some/app, for example). You're right that, for auth, it's hard to imagine when you wouldn't want to just leave it as /. ...Steve -- Steve van der Burg Information Technology Services London Health Sciences Centre & St. Joseph's Health Care London (519) 685-8500 ext 35559 steve.vanderb...@lhsc.on.ca Jim Garrison <j...@jhmg.net> wrote: > Every example for Apache2::AuthCookie shows > > ... > WhatEverPath / > ... > > but I can find nothing that explains what the value "/" represents. > Is it a URI? Later in the sample configs we see URIs to which > protection applies are defined by <Location> or <Files> tags, > > How does the value of this parameter affect the behavior of AuthCookie, > and under what circumstances would its value not be "/"? > > Thanks > > -- > Jim Garrison (j...@acm.org) > PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 -------------------------------------------------------------------------------- This information is directed in confidence solely to the person named above and may contain confidential and/or privileged material. This information may not otherwise be distributed, copied or disclosed. If you have received this e-mail in error, please notify the sender immediately via a return e-mail and destroy original message. Thank you for your cooperation.