I don't remember I removed from the manual the entry for the 'delete' command. I remember I commented out the entry related to a 'CookieDomain' command that had the comment "not coded yet".
2010-04-29 Massimo Manghi <[email protected]> ... * doc/xml/session.xml: Commented line about a 'CookieDomain' command of Session that appears to be non coded yet. To be added to the TODO file. Since I was trying to get Rivet 2.0.0 released I wanted to have the manual as clean as possible and I decided to set the problem aside and come back to it once Rivet was out -- Massimo On Fri, 10 Sep 2010 14:36:40 -0500, Damon Courtney wrote > I notice that the 'cookie delete' command was removed from the docs, > but it still exists in the cookie.tcl file. Any particular reason? > I found it a nice and clean command for deleting a cookie instead of: > > cookie set foo "" -minutes -1 > > Which just looks stupid. 0-] > > Also, I have found something interesting as I'm writing some login / > session management code. If you set a cookie and then immediately > redirect to another page (via header redirect), the cookie doesn't > actually get passed to the browser. So your cookie doesn't get set > before redirecting to the next page. > > That is, of course, unless you specify -path / EXPLICITLY! Not sure > why that is, but that's the deal. If you specify -path /, the > cookie will get passed along with the redirect header, and the > browser will set it correctly before moving on. The default > behavior if no path is specified for a cookie is to use the path of > the object that was requested. Does anyone actually want this > behavior?? It seems to me the smarter default is simply /. > > I propose modifying the 'cookie set' command to default -path to / > if none is specified, which would mean that people don't get bitten > by this little idiosyncrasy in their own code, but they can still > specify -path for a subdirectory if they really want to. Also, I > propose bringing back the docs for 'cookie delete' and making that > command use -path / as the default as well. Given those small > changes, you can easily set or delete a cookie and immediately > redirect to another page, and it will work as you expect. I think > this is what most people would expect the behavior to be anyway. I > know I did. 0-] > > D > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] -- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
