[aerogear-dev] Cookie Management APIs / Specs

Summers Pittman supittma at redhat.com
Wed Jun 26 09:52:34 EDT 2013


On Wed 26 Jun 2013 05:28:20 AM EDT, Christos Vasilakis wrote:
> Hi,
>
> in iOS there is shared singleton object (per app) NSHTTPCookieStorage
> <http://developer.apple.com/library/mac/#documentation/Cocoa/Reference/Foundation/Classes/NSHTTPCookieStorage_Class/Reference/Reference.html> that
> provides and API for the user to manipulate cookies per se. Not sure I
> understand but you mean accessing the cookies associated with Pipe
>  and have a way to manipulate them instead of going through the
> underlying platforms cookie manager.. ?
>

Pretty much.  Right now so much of that is automatic and hidden from 
the user.

I'm not advocating adding more complexity to cookie management, but 
what I would like is for cookie management to be possible.

As an example, right now when you call logout from httpbasic the cookie 
store for that domain is purged, but there isn't any hook to 
selectively set cookies to be disable or preserved.

> Thanks,
> Christos
>
>
> On Jun 26, 2013, at 12:15 AM, Kris Borchers <kborcher at redhat.com
> <mailto:kborcher at redhat.com>> wrote:
>
>>
>>
>> On Jun 25, 2013, at 15:58, Summers Pittman <supittma at redhat.com
>> <mailto:supittma at redhat.com>> wrote:
>>
>>> Y'all,
>>>
>>> One of the open issues in Android today was to create a way to disable
>>> the cookie store.  After discussion, Passos and I decided to punt the
>>> issue and expand it to create a Cookie API for the projects to follow.
>>>
>>> The big issue with cookies on Android right now is they are global to
>>> the application (A Java sdk/Android ism) and we don't provide a easy
>>> facade or view into what is actually going on under the hood.
>>>
>>> Before wandering off into the woods and making up some Android specific
>>> nonsense we decided to get feedback from the community and try to make
>>> some kind of spec.  What should we provide, how should it look across
>>> platforms, and what are the limitations of the platforms we have to
>>> support? (I'm looking at you in browser java script)
>>
>> I'm not sure JS needs any sort if cookie management API. Cookie
>> management across browsers via JavaScript is pretty much identical
>> from what I remember. But even beyond that, for the most part the
>> browser handles cookies for us, passing them around and modifying
>> them when necessary based on headers it receives so there is rarely
>> the need to mess with cookies manually at all.
>>>
>>> Summers
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev




More information about the aerogear-dev mailing list