Duplicate field verification improvement
Opened this issue · 0 comments
bneradt commented
We currently support duplicate field verification via this syntax:
- [ set-cookie,
[ "A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
"A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
equal ]
This applies the equal
directive to each set-cookie duplicated field in the order listed. Only one directive type can be specified. We should at least support the new map syntax for this:
- [ set-cookie,
{ value: ["A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
"A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
as: equal } ]
And this would be really cool:
- [ set-cookie,
[
{ value: "A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
as: present },
{ value: "A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
as: equal } ] ]
Thus different directives could be applied to each field. This latter is not likely easy to implement. Look into it.
Regardless of the mechanism settled upon, this must be documented.