It is the path part of a URL. The HTML Cookie specification defines it, and
this is AuthCookie's way of letting you set it.
If the request domain + path doesn't match those set in the cookie, then the
browser won't send the cookie to the server.
When using cookies for non-auth purposes, there are lots of cases where you
would want something more specific than / (to set a preference specific to an
add at some.web.site/some/app, for example). You're right that, for auth, it's
hard to imagine when you wouldn't want to just leave it as /.
...Steve
--
Steve van der Burg
Information Technology Services
London Health Sciences Centre
& St. Joseph's Health Care London
(519) 685-8500 ext 35559
steve.vanderb...@lhsc.on.ca
Jim Garrison wrote:
> Every example for Apache2::AuthCookie shows
>
> ...
> WhatEverPath /
> ...
>
> but I can find nothing that explains what the value "/" represents.
> Is it a URI? Later in the sample configs we see URIs to which
> protection applies are defined by or tags,
>
> How does the value of this parameter affect the behavior of AuthCookie,
> and under what circumstances would its value not be "/"?
>
> Thanks
>
> --
> Jim Garrison (j...@acm.org)
> PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88
This information is directed in confidence solely to the person named above and
may contain confidential and/or privileged material. This information may not
otherwise be distributed, copied or disclosed. If you have received this e-mail
in error, please notify the sender immediately via a return e-mail and destroy
original message. Thank you for your cooperation.