This is a community-service posting: The purpose is to unambiguously state the specification of “cookie processing wrt public suffixes”.

Why go thru the effort of doing this: It is somewhat difficult to tease this out of the requisite specification(s) and associated documents, e.g., [RFC6265] and the effective Top Level Domain List, and so here it is (corrections/comments welcome)..

HTTP cookie processing algorithm in terms of Same Origin Policy and “effective Top Level Domains (eTLDs)” aka “Public Suffixes”

=JeffH sez: it’s long — read it anyway 🙂

Average Rating: 4.5 out of 5 based on 235 user reviews.

Leave a Reply

You must be logged in to post a comment.