Subject: Re: tnftp and HTTP cookies
To: Ignatios Souvatzis <ignatios@theory.cs.uni-bonn.de>
From: Rafal Boni <rafal@pobox.com>
List: tech-userlevel
Date: 12/23/2003 13:42:44
In message <20031223101908.GB10089@cs.uni-bonn.de>, you write: 

[...me, earlier...]
-> > As for just just accepting the cookies and /dev/null'ing them, that
-> > adds no value (the ftp client already does this by virtue of the fact
-> > that it ignores the cookie headers -- you need to return the cookies
-> > to the server, else you'd be able to download with a totally-cookie-
-> > less request).
-> 
-> I have experienced a lot of servers that insist to store a cookie to work
-> for all accesses, but never use it, or if they can not retrieve an earlier
-> one, still happily continue as longas they can creae a new one.

Maybe I'm missing something, but if you suggest that we /dev/null all
incoming cookies, I'm not sure how the server knows it created the
cookie... Either the server will serve you files without the cookies
(which we already handle), or you have to send the cookie back in order
to prove you've stored it sucesfully.  There's no other way for the
server to verify it stored the cookie; the "use an earlier one" method
still requires the client to send the cookies, which is probably 80%
of what's needed to send *any* cookies.

--rafal

----
Rafal Boni                                                     rafal@pobox.com
  We are all worms.  But I do believe I am a glowworm.  -- Winston Churchill