Steven Bingler

I poked around a bit and it appears the reason is because `Domain=localhost` contains only a single subcomponent ("localhost"), which will always return an empty string when Chrome attempts to...

Hi @bagder, Section 4 defines how a well behaved server _should_ format their cookies. Unfortunately not all servers are well behaved so in the interest of compatibility UAs are encouraged...

> What's the point in specifying a format that isn't followed by implementations? By which implementations? The spec exists for UAs consuming cookies as well as the servers producing them....

To make sure I understand: Is your proposal to fix this issue to make the UA parser requirements more obvious (in some way) to readers of the spec? And therefore...

So then is your proposal to remove the syntax as described currently in [section 4](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis/#section-4) and replace its usage with the syntax as described in [Section 5.4](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis/#section-5.4)? I.e.: To recommend...

I agree that having a single syntax to refer to would be ideal, unfortunately the web has not been ideal with respect to cookies with many erroneous and incomplete implementations...

> I argue these problems already exist and I propose a way that could work to reduce them. It seems we agree that there are user agents (UAs) already that...

Your proposal removes compatibility with existing UAs that reject cookies made with the lax syntax. What benefits do you see that outweigh this loss of compatibility?

I have no data indicating which/how many UAs would be adversely affected by this nor which/how many servers are already producing cookies that don’t match the stricter syntax. I’m also...

The reasons I’ve seen so far to support a single syntax have presupposed two important factors: 1) the more lax syntax is a defacto standard for servers that sees wide...