So what's magical about Safari?
Chris Edwards
ukcrypto at chiark.greenend.org.uk
Fri, 4 Apr 2008 01:24:20 +0100 (BST)
On Thu, 3 Apr 2008, Richard Clayton wrote:
|
| c) sites can also set cookies in other people's domains
|
Oh dear - I'd completely missed that part.
Still, AIUI, a site can't set cookies in arbitary domains. It's only
where elements of a page at www.example.com reside elsewhere - for example
<img src="http://doubleclick.com/...>. In this case, the doubleclick
server gets to set a cookie (only) for doubleclick.com. So one can
sort-of say that www.example.com "set" a cookie for doubleclick.com.
Is that right ?
| What I'm unable to establish from Googling appropriate pages is the
| impact of encountering 3xx responses, whether Safari remembers the
| original URL the user asked for (and turns down cookies if you go
| somewhere else) or whether this is irrelevant [an easy experiment for a
| Safari user to try!]
Will try this shortly...