lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev 2.8.3dev.2 patch 3 - lynx.cfg cookie text


From: Klaus Weide
Subject: lynx-dev 2.8.3dev.2 patch 3 - lynx.cfg cookie text
Date: Tue, 22 Jun 1999 02:26:34 -0500 (CDT)

Some added/changed text about the cookie options in lynx.cfg.
Note that the following sentence is deleted from the

   #COOKIE_ACCEPT_DOMAINS:
   #COOKIE_REJECT_DOMAINS:

description:

   The ACCEPT_ALL_COOKIES parameter will override any settings
   made here.

This isn't true, and AFAIK it never was.  IOW if a domain string
is explicitly listed in COOKIE_REJECT_DOMAINS, this is stronger
than ACCEPT_ALL_COOKIES.

   Klaus

* Add some clarifications in lynx.cfg regarding cookies.

--- lynx2-8-3.old/lynx.cfg Mon, 21 Jun 1999 03:52:35 -0500
+++ lynx2-8-3/lynx.cfg Tue, 22 Jun 1999 02:12:02 -0500
@@ -874,14 +874,24 @@
 #TAGSOUP:FALSE
 
 # If SET_COOKIES is set FALSE, Lynx will ignore Set-Cookie headers
-# in http server replies.
+# in http server replies.  Note that if a COOKIE_FILE is in use (see
+# below) that contains cookies at startup, Lynx will still send those
+# persistent cookies in requests as appropriate.  Setting SET_COOKIES
+# to FALSE just prevents accepting any new cookies from servers.  To
+# prevent all cookie processing (sending *and* receiving) in a session,
+# make sure that PERSISTENT_COOKIES is not TRUE or that COOKIE_FILE does
+# not point to a file with cookies, in addition to setting SET_COOKIES
+# to FALSE.
 # The default is defined in userdefs.h, and can be overridden here,
 # and/or toggled via the -cookies command line switch.
 #
 #SET_COOKIES:TRUE
 
 # If ACCEPT_ALL_COOKIES is set TRUE, Lynx will accept cookies from all
-# domains with no user interaction.
+# domains with no user interaction.  This is equivalent to automatically
+# replying to all cookie 'Allow?' prompts with 'A'lways.  Note that it
+# does not preempt validity checking, which has to be controlled separately
+# (see below).
 # The default is defined in userdefs.h and can be overridden here, or
 # in the .lynxrc file via an o(ptions) screen setting.  It may also be
 # toggled via the -accept_all_cookies command line switch.
@@ -889,29 +899,44 @@
 #ACCEPT_ALL_COOKIES:FALSE
 
 # COOKIE_ACCEPT_DOMAINS and COOKIE_REJECT_DOMAINS are comma-delimited lists
-# of domains from which Lynx should automatically accept or reject all
-# cookies.  If a domain is specified in both options, rejection will take
-# precedence.  The ACCEPT_ALL_COOKIES parameter will override any settings
-# made here.
+# of domains from which Lynx should automatically accept or reject cookies
+# without asking for confirmation.  If the same domain is specified in both
+# lists, rejection will take precedence.
+# Note that in order to match cookies, domains have to be spelled out exactly
+# in the form in which they would appear on the Cookie Jar page (case is
+# insignificant).  They are not wildcards.  Domains that apply to more than
+# one host have a leading '.', but have to match *the cookie's* domain
+# exactly.
 #
 #COOKIE_ACCEPT_DOMAINS:
 #COOKIE_REJECT_DOMAINS:
 
 # COOKIE_LOOSE_INVALID_DOMAINS, COOKIE_STRICT_INVALID_DOMAINS, and
-# COOKIE_QUERY_INVALID_DOMAINS are comma-delimited lists of which domains
-# should be subjected to varying degrees of validity checking.  If a
-# domain is set to strict checking, strict conformance to RFC2109 will
+# COOKIE_QUERY_INVALID_DOMAINS are comma-delimited lists of domains.
+# They control the degree of validity checking that is applied to cookies
+# for the specified domains.
+# Note that in order to match cookies, domains have to be spelled out exactly
+# in the form in which they would appear on the Cookie Jar page (cass is
+# insignificant).  They are not wildcards.  Domains that apply to more than
+# one host have a leading '.', but have to match *the cookie's* domain
+# exactly.
+# If a domain is set to strict checking, strict conformance to RFC2109 will
 # be applied.  A domain with loose checking will be allowed to set cookies
 # with an invalid path or domain attribute.  All domains will default to
-# querying the user for an invalid path or domain.
+# asking the user for confirmation in case of an invalid path or domain.
+# Cookie validity checking takes place as a separate step before the
+# final decision to accept or reject (see previous options), therefore
+# a cookie that passes validity checking may still be automatically
+# rejected or cause another prompt.
 #
 #COOKIE_LOOSE_INVALID_DOMAINS:
 #COOKIE_STRICT_INVALID_DOMAINS:
 #COOKIE_QUERY_INVALID_DOMAINS:
 
-# COOKIE_FILE is the default file to store persistent downloaded cookies
-# in, if Lynx was compiled with EXP_PERSISTENT_COOKIES.  The cookie file
-# can also be specified in .lynxrc or on the commandline.
+# COOKIE_FILE is the default file from which persistent cookies are read
+# at startup (if the file exists), and into which persistent cookies are
+# stored before exiting, if Lynx was compiled with EXP_PERSISTENT_COOKIES.
+# The cookie file can also be specified in .lynxrc or on the commandline.
 #COOKIE_FILE:~/.lynx_cookies
 
 # PERSISTENT_COOKIES indicates that cookies should be stored for use between


reply via email to

[Prev in Thread] Current Thread [Next in Thread]