Archive for April, 2015

HTTP cookie processing algorithm in terms of Same Origin Policy and “effective Top Level Domains (eTLDs)

Thursday, April 30th, 2015

This is a community-service posting: The purpose is to unambiguously state the specification of “cookie processing wrt public suffixes”.

Why go thru the effort of doing this: It is somewhat difficult to tease this out of the requisite specification(s) and associated documents, e.g., [RFC6265] and the effective Top Level Domain List, and so here it is (corrections/comments welcome)..

HTTP cookie processing algorithm in terms of Same Origin Policy and “effective Top Level Domains (eTLDs)” aka “Public Suffixes”

=JeffH sez: it’s long — read it anyway :)