Page History

Requirement

Servlet

Netscape

RFC2109

RFC6265

Format of name

Must conform to RFC2109. Vendors may provide option to allow Netscape format

A sequence of characters excluding semi-colon, comma and white space. Browsers generally stop at first equals,

token

token

Format of value

The value can be anything the server chooses to send. With Version 0 cookies, values should not contain white space, brackets, parentheses, equals signs, commas, double quotes, slashes, question marks, at signs, colons, and semicolons. Empty values may not behave the same way on all browsers.

This string is a sequence of characters excluding semi-colon, comma and white space.

token

quoted-string

cookie-value

Domain

String, per RFC2109

domain=DOMAIN_NAME

"Domain" "=" value

"Domain=" domain-value

Path

String, per RFC2109

path=PATH

"Path" "=" value

"Path=" path-value

Secure

boolean

secure

"Secure"

"Secure"

HttpOnly

boolean

N/A

N/A

"HttpOnly"

Expires

N/A

expires=DATE as "Wdy, DD-Mon-YYYY HH:MM:SS GMT"

N/A

"Expires=" sane-cookie-date

Max-Age

int in seconds

N/A

"Max-Age" "=" value

"Max-Age=" non-zero-digit *DIGIT

Comment

String

N/A

"Comment" "=" value

allowed by extension

Version

int (0 or 1)

N/A

"Version" "=" 1*DIGIT

allowed by extension

Extension

N/A

N/A

N/A

any CHAR except CTLs or ";"