Talk:HTTP cookie/Archive 1

Web bugs
I removed the following lines, following "Some sites contain images called web bugs (that are transparent and only one pixel in size, so that they are not visible) that place cookies on all computers that access them.":

E-commerce websites can then read those cookies, find out what websites placed them, and send e-mail spam advertisements for products related to those websites. Companies that use this system defend it as an effective way to give consumers access to products in which they are likely to be interested. If sites that place these tracking cookies are paid by the commercial operator, the revenue can allow them to place their content online at no cost to the creators. Because ... that's just not accurate. Perhaps the author meant something different, but how do these "e" "commerce" companies get the users' email addresses? Let's not imbue cookies with some magic powers that don't actually exist.

My replacement text, in context w/ the line before: "Some sites contain images called web bugs (that are transparent and only one pixel in size, so that they are not visible) that place cookies on all computers that access them. A single source could have bugs on multiple sites, potentially tracking and correlating a user's activity on across multiple sites, assuming the other sites co-operated by placing the appropriate code into their own site."

This is also not accurate - transparent images cannot place cookies. They primarily use these 'web bugs' to track you by IP address. - 129.89.246.120 21:39, 8 May 2006 (UTC)

How to delete cookies
Should we add how to delete cookies for anyone panicked by reading this page?

--BozMo 10:21, 23 May 2004 (UTC)

Yes, but we would have to be explicit about the many OS/web browser combinations : Windows 95/98/NT/2k..., various BSDs, Linux, Mac,... ; Internet Explorer, Mozilla, Lynx, Galeon, Firebird,... Maybe this would be lengthy? --Olivier Debre 08:38, 25 Aug 2004 (UTC)

I don't think Wikipedia is supposed to be a tech support resource. We could provide a link to various pages that explain it (official Apple/Microsoft/Mozilla pages would be best) but not explain it here outright. Anyways, I think by the information shown in the beginning of the article the reader can at least navigate and view their cookies. It should be self explanatory as to how to delete them once they've seen the options in the web browser. Xavier86 12:28, Jan 3, 2005 (UTC)

Alternatives to Cookies
I thought that the "Future of Cookies" might have been a little outdated, as it referred to the Brownie project that was no longer in development. I have changed this section to be "Alternatives to Cookies" and added P3P as a possible alternative. This is one of my first few edits, feel free to fix up any grammer, style etc - just please let me know so I can learn for the future. Joeldixon66 04:05, 18 Mar 2005 (UTC)

Doesn't P3P work in conjunction with Cookies? The focus could be cookies and how P3P functionality and compact policies could allow certain browsers the ability to block or restrict them.--Coretester 22:53, 13 December 2005 (UTC)

Right. The section should probably be titled "related concepts" or something like that. There is however a separate article for P3P. - Liberatore(T) 11:04, 14 December 2005 (UTC)

Third-party Cookies
Perhaps somebody could add an explanation about the difference between first-party and third-party cookies. Are third-party ones just from domains other than the one you're browsing? (ie. from embedded images/plugins/frames that load from other servers?) &mdash; SimonEast 03:53, 14 September 2005 (UTC)

Information on third-party cookies is duplicated in the article. Someone more familiar with the entire article may be able to delete some of the duplication. Adam Trogon 14:12, 8 May 2006 (UTC)

How do i enable cookies?
please help.

144.132.6.49 22:44, 12 November 2005 (UTC)

Browser settings
The section on browser settings is problematic: it is basically an howto and nothing more. That such a summary can be useful is clear; it's just not the kind of stuff for an encyclopedia (WP:NOT, Section Wikipedia is not an indiscriminate collection of information, point 8). I was thinking to replacing it with a summary, if nobody disagrees. Paolo Liberatore (Talk) 20:31, 25 November 2005 (UTC)

Here is the material I have removed from the article (replacing it with a summary).

Microsoft Internet Explorer
Tools > Internet Options > Privacy Tab on some though you may have to go to security > custom level > and find cookies
 * Use slider to set options, or use advanced options

Make sure to block 3rd party cookies without a compact privacy policy.

Mozilla Firefox
The best option is to enable P3P:

Open a new browser window and type about:config into the location box.

1) On the line that says "Filter", type "network.cookie.cookieBehavior" and change the value below to "3".

2) Then type "network.cookie.p3p" and change the values to 0 / afafaaaa for low, 1 / ffffaaaa for medium or 2 / frfradaa for high. (medium is suggested in most cases)

See: Firefox Help - Firefox and Cookies

Alternatively, you can use the Privacy options in (Tools > Options > Privacy)

(Note: On Linux this may appear as Edit > Preferences > Privacy, on the Mac as Firefox > Preferences > Privacy)


 * Set options under Cookies
 * Exceptions allows per site settings of block/allow for session/allow
 * View Cookies opens a cookie management window, showing details of stored cookies, allowing them to be deleted or blocked
 * If cookies are allowed, they may be restricted to the originating site only
 * Accepted cookies may be kept until they expire, or until Firefox is closed.

iCab Company iCab
Cookie settings in iCab can be set globally with the preferences or per-wildcard-URL with its Filter Manager. The information below is a touch long but reflects the power of iCab's configuration.

To view existing cookies and set HTTP-based cookie settings, open the Cookie Manager window: Tools > Cookie Manager

From here, you can view and delete cookies and (under Information for selected cookies) cause them to expire at the end of the session. Click Cookie Preferences to open the Cookie preferences.


 * Cookies can be:
 * Never accepted
 * Prompted for acceptance
 * Accepted but not used
 * Always accepted
 * Always accepted but only kept until the end of the session (i.e. you quit iCab/shut down the computer)
 * Cookies not directly from the sites (servers) you are viewing can be rejected (e.g. third-party activity tracking cookies)
 * Cookies that will not remain on the machine (which cannot be used to track your activity over time) can be automatically accepted regardless of the general setting
 * Invalid and "Illegal" (in computer terms, not criminal law terms) cookies can be automatically rejected

Clicking Edit Cookies brings up the Cookie Manager window.

Those brave enough to face the Filter Manager can configure cookie settings on a per-wildcard-URL basis. JavaScript-generated cookies can also be blocked globally or per-wildcard-URL in the JavaScript preferences; general cookie settings appear to override JavaScript cookie settings.

Apple Safari
Safari > Preferences > Security Tab You may also view every cookie that is currently residing in your browser and delete any of them at will.
 * Select one of the following options
 * Always accept cookies
 * Never accept cookies
 * Accept cookies only from sites you navigate to (for example, not from advertisers on those sites) Selected by default.

KDE Konqueror

 * Remember to place the dot in front of the domain name .wikipedia.org otherwise wikipedia will not read the cookie (in KDE 3.3) when unlisted cookies are set to be rejected in Settings.

Opera Software Opera
Tools > Preferences > Advanced Tab > Cookies
 * Decide when to accept 'normal' cookies (sent by the Web page you are viewing) and 'third party' cookies (sent by other companies, typically advertisers or Web site analytics companies)
 * Manage your cookies with the Server Manager, to delete or set preferences for individual servers

That this material is useful is clear. I do not know where should be placed however. Any ideas? Paolo Liberatore (Talk) 12:13, 7 December 2005 (UTC)

Missing
What's missing (anyone can add to this list):


 * 1) percent-encoding can be used in the name=value;
 * 2) RFC 2965, and in particular the   line
 * 3) domain matching; in particular, two/three dots are necessary, etc.
 * 4) multiple   in the same header
 * 5) I think that the "myths" are not believed any more; any proof of that?

Anything else? - Liberatore(T) 16:40, 16 December 2005 (UTC)

The article says "Cookies were invented for realising a virtual shopping basket". Is this true?? Surely cookies were around well before shopping sites. The article magic cookie talks of cookies as often being used as identifying tokens - a much more plausible reason for their invention. —Preceding unsigned comment added by 62.56.60.157 (talk • contribs) 10:00, 24 October 2006


 * Hi. Section "History of cookies" below this talk page gives some more details about sources. This fact that cookies were invented for shopping bags is reported by Jay Kesan and Rajiv Shah in "Shaping code. Chapter II.B." This is also consistent with what Kristol says (that cookies were developed at Netscape as part of the development of a system for a customer). Tizio, Caio, Sempronio 10:24, 24 October 2006 (UTC)

From peer review
To do, as suggested in the peer review:


 * 1) history of cookies: see links below

(more to be added). - Liberatore(T) 21:01, 16 January 2006 (UTC)

History of cookies
Some links:


 * http://www.anu.edu.au/people/Roger.Clarke/II/Cookies.html
 * http://portal.research.bell-labs.com/~dmk/cookie-ver.html (see web.archive)
 * http://www.rajivshah.com/directory/privacy/cookies/
 * http://www.nytimes.com/2001/09/04/technology/04COOK.html?pagewanted=print
 * http://portal.acm.org/citation.cfm?doid=505248.505263
 * http://arxiv.org/abs/cs.SE/0105018

May be relevant to cookies in general, also. - Liberatore(T) 14:01, 16 January 2006 (UTC)

The Brownie project
Removed from the article:


 * Finally, the Brownie project is a SourceForge open source project intended to replace HTTP cookies. Brownies were to be for sharing across multiple domains, as opposed to cookies that are (supposedly) constrained to a single domain. The project is no longer in development.

While checking for some information about that, I realized that this project not only is not under development for at least 1 year now, but has never notable. - Liberatore(T) 19:32, 16 January 2006 (UTC)

History of cookies
This is a more schematic description of the history of cookies, with sources of every single statement. Modify this list if incorrect or missing something. - Liberatore(T) 14:18, 18 January 2006 (UTC)


 * the original aim of Netscape was to make money by selling server (KS); as a result, e-commerce was an important part of the bussiness of this corporation;
 * one of the customer asked for a way for making the HTTP transaction stateful (Kristol); in particular, the Netcape Enterprise Server Division was working on a contract for a customer for a new shopping cart application (KS)
 * this lead Montulli to the idea of cookies (KS) in June 1994 (Schwartz)
 * Montulli later stated he also considered the idea of giving an unique identificator to every browser of every user; this ID would be then sent by the browser for accessing every page; he rejected this idea for privacy reasons (Schwartz)
 * together with John Giannandrea, Montulli produced the initial Netscape specification (KS)
 * the 0.9beta release of Netscape (September 1994) supported cookies; however, this fact was not widely known to the public (Kristol); in particular, cookies were accepted by default, and the users were not notified in any way of that
 * the first recorded use of cookies (out of the labs) was made for checking whether visitors to the Netscape Web site had already visited the site (KS)
 * in 1995, Montulli and Giannandrea applied for a patent for the cookie technology (the patent was granted in 1998) (KS)
 * in April 1995, discussion on a standardization begins on the [www-talk] mailing list (Kristol)
 * in August 1995, Kristol published the "HTTP State-info mechanisms"; state info was however limited to a single session (KS)
 * support for cookies was integrated in Internet Explorer in version 2, released in October 1995 (historyIE)
 * in December 1995, a working group (a subgroup of the HTTP working group) is formed (Kristol); the group soon decided to use the Netscape mechanism as the starting point for producing a specification
 * on Feb 1996, the working group identifies third-party cookies as a considerable privacy threat (Kristol) (did they invented them? did they discover them? or simply were they made aware of them?)
 * in 1996, the general public was made aware of the existence of cookies by a Financial Times article on Feb 12 (KS); however people were aware of them since first quarter 1995, but the thing become known in the Internet in first quarter 1996 and received a large media coverage beginning from half of 1996 (Clarke)
 * RFC 2109 was issued in February 1997; it specifies that third-party cookies were either not allowed at all, or at least not enabled by default (in the RFC terminology, cookies should not be placed for "unverifiable transactions", which are transations that start without the user having the possibility of not starting it); this reccomandation about third-party cookies was not implemented by Netscape and IE (KS); apparently, advertising companies were already using third-party cookies by this time (Kristol);
 * October 2000: RFC 2965 and RFC 2964
 * As of 2004, both Netscape and Internet Explorer accepts third-party cookies by default (KS)

Cookies were discussed in two U.S. Federal Trade Commission (FTC) hearings in 1996 and 1997 (KS) (Kristol calls them "workshops")

References


 * 1) (KS) Jay Kesan and Rajiv Shah. Shaping code. Chapter II.B (Netscape's cookies). Published as Harvard Journal of Law & Technology, vol. 18, no. 2, pp. 319-399 (Spring 2005), but without the part on cookies!
 * 2) (Kristol) David Kristol. HTTP cookies: Standards, Privacy, and Politics. CACM 2001.
 * 3) (Schwartz) John Schwartz. Giving the Web a memory cost its uses privacy. NY Times.
 * 4) (Clarke) Roger Clarke. Cookies.
 * 5) (historyIE) The history of Internet Explorer

Figure
I have removed this figure because the new one shows the same ad company having benners in two different sites. This is the main problem with third-party cookies.

location?
perhaps there should be information about where cookies typically go on people's computers with the different operating systems - windows, mac, linux, and so on. i know most browsers have a "clear cookies" button, but that doesn't always delete them all.


 * This information would be of interest for many users. The problem is that articles like "HTTP cookie" tend to easily become little how-tos (see above for a part that was removed from the article). A solution would be to add a link to an external site that explain how to delete cookies, rather than telling it in the article itself. - Liberatore(T) 17:19, 2 March 2006 (UTC)

Error in this page
The page says:

The expiration date is specified in the "Wdy, DD-Mon-YYYY HH:MM:SS GMT" format. As an example, the following is a cookie sent by a Yahoo! mail server (the value string has been changed): Set-Cookie: DX=g=1&q=abcd&gtr=sdfsfo; expires=Thu, 15 Apr 2010 20:00:00 GMT; path=/; domain=.yahoo.com

i.e. the page says the date is DD-Mon-YYYY then quotes a cookie with the format "DD Mon YYYY" (i.e. with spaces instead of dashes) -- and it doesn't mention the fact that one or the other is wrong, or if indeed both are allowed...

Please could someone fix this ?


 * Please fix it yourself, SqueakBox 15:11, 2 April 2006 (UTC)


 * I suspect that some date formats that work in practice are not allowed by the specification... I'll have a look at the specs tomorrow, just to be sure. - Liberatore(T) 17:04, 2 April 2006 (UTC)


 * SqueakBox, I know from history that if an "unknown" like me made changes, they'd just be blindly reverted. Thanks - anon. - 21:30, 2 April 2006 (UTC)
 * Not necessarily. As you have discussed this issue on the talk page, and if you add a reasonable summary, it should stick. - Ta bu shi da yu 02:14, 8 May 2006 (UTC)
 * Apparently, there is a "hidden feature" by which cookies with spaces instead of dashes are accepted even if that is not allowed by any of the specifications. In order to say that in the article, I'd need an external source, but I could not find any, so I have just changed the example to one that follows the standard. - Liberatore(T) 19:59, 6 April 2006 (UTC)

'...they have been subject to legislation in various countries such as the United States, as well as the European Union.' Implies EU is a country which it isn't...pedantry? It should read '...as well as in the European Union' in order to distance it from 'in various countries'. I will change it. Pvazz

Etymology?
Why is  it  called  a  "cookie"? And why  isnt  that  in  the  article? // Gargaj 02:41, 28 April 2006 (UTC)
 * Good question. There is some discussion at Talk:Magic cookie. As far as I can see, it's not clear where this use of the term "cookie" comes from. That's why is not mentioned in the article. - Liberatore(T) 19:27, 28 April 2006 (UTC)
 * Should we note that there is speculation where the term "cookie" came from? - Ta bu shi da yu 08:01, 2 May 2006 (UTC)
 * Web cookies got their name from magic cookies; how magic cookies got their name is probably better left to the magic cookie article, IMO. - Liberatore(T) 15:53, 2 May 2006 (UTC)

Rephrase?
"Cookies are used for realising functionalities that are specific to a user. Cookies were introduced for realising a virtual shopping basket where the user can place item to purchase. This way, a user can navigate a site where items are shown, adding or removing them from the shopping basket at any time."

That doesn't really flow that well. - Ta bu shi da yu 08:00, 2 May 2006 (UTC)
 * sofixit :-) - Liberatore(T) 15:56, 2 May 2006 (UTC)

Better image?
I feel that Image:HTTPCookie.png, shown at right, is inadequate as a thumbnail for this article's Main Page entry. How would people feel about using this instead: It should be covered under PD-USGov. While a little whimsical, I think it could make a good lead image for this article, which currently has none, as well as a Main Page thumb. Melchoir 00:26, 8 May 2006 (UTC)
 * http://www.fcc.gov/cgb/kidszone/images/internetcookie.jpg, from The FCC Kids Zone - Is It True?
 * That's cute; I was just thinking we could use something like that.--Pharos 00:31, 8 May 2006 (UTC)
 * Well, having been seconded, I'll upload it now... Melchoir 00:47, 8 May 2006 (UTC)


 * Behold, Image:Internetcookie.jpg Image:HTTP-gingerbreadcookie.jpg. Melchoir 00:53, 8 May 2006 (UTC)
 * That image is hilarious. I approve. Gzabers 01:07, 8 May 2006 (UTC)


 * Hilarious? I had no idea what I was looking at on the main page. Cookies just don't have a good image to go with them. Perhaps just a nice large-font image of the string: "HTTP/1.1" or something like that would make more sense. As it stands, the image makes it look like we're talking about some kind of gingerbread romance site. -Harmil 05:13, 8 May 2006 (UTC)
 * Yeah, I'd support using "HTTP/1.1" or similar; it would be akin to displaying a national flag for news events. But the currrent image is still better than the last one! Melchoir 05:23, 8 May 2006 (UTC)
 * I like The gingerbread cookie. It is a Very playful picture. and the words right next the picture say that the article is about cookies so it doesnt matter. Maybe a picture of The cookie monster from sesame street would be cool but this one is Great the way it is now.--E-Bod 05:26, 8 May 2006 (UTC)
 * If you must go with the visual pun, then it shold be a very simple image that conveys nothing but the word-as-image. In other words, this should be a relatively universal image of a cookie. In my experience, that usually means something that looks like chocolate chip. But the extra information in this image is hard to make out. Who is the girl? What is she doing? How is the cookie related? What's the background on the cookie? It all comes together to make a very distracting image which cannot reasonably be figured out at thumbnail resolution (e.g. on the main page). -Harmil 05:35, 8 May 2006 (UTC)
 * Well, you've got to compare it with (grayed-out-scribble-scribble-scribble-box-dot), which conveyed zero information. Unless of course someone here is an artist; I know I'm not. Melchoir 05:41, 8 May 2006 (UTC)

Cookie--E-Bod 05:46, 8 May 2006 (UTC) The current one is better than a real cookie because the current one has some relationship to computers while the other one is totally out of it. Plus this cookie needs t be converted into a png for a transparent background. Unless of course that messes up the picture when you print it--E-Bod 05:51, 8 May 2006 (UTC) This cookie contains Text just like an HTTP cookie. And look. Somebody broke into it.--E-Bod 05:54, 8 May 2006 (UTC)
 * Ooh, perfect! I support the fortune cookie. Melchoir 05:56, 8 May 2006 (UTC)
 * I'm having a lot of difficulty seeing how Image:Internetcookie.png adds anything to this article, or even how it's supposed to represent an HTTP cookie, other than the fact that it's a clip-art computer user juxtaposed with a clip-art gingerbread man. It conveys absolutely no information about what HTTP cookies are, how they work, or what they're used for. If anything, it gives the impression that HTTP cookies "spy" on computer users. Other images of cookies are pretty worthless, too. It might be cute to have a picture of a cookie in the article about HTTP cookies, but such a picture really has no encyclopedic merit. If the only reason for the current picture is so that we have something to show on the main page, I suggest that we remove the picture from the article as soon as this isn't the featured article of the day any more. —Bkell 08:10, 8 May 2006 (UTC)


 * I can think of at least one defense for its encyclopedic merit. The original use of the picture is to accompany a few paragraphs that deny the myth that "Cookies track everything you do on the Internet." Other images on the website are similarly sarcastic. So, the picture is an illustration of fears concerning cookies that are so common, the FCC thought it was necessary to debunk them to children! These themes are, in fact, touched on in the introduction already. Melchoir 08:21, 8 May 2006 (UTC)


 * I've tried to improve our caption to reflect its original context better.--Pharos 08:28, 8 May 2006 (UTC)


 * The new caption is an improvement. But if it's illustrating something that cookies are not, then it's definitely not appropriate as the representative image for the article. It's like using a biohazard symbol for the monosodium glutamate article—though some people believe MSG has negative health effects, it would be inappropriate to use a symbol of these fears if MSG made the front page. The gingerbread man should probably be moved to the "Misconceptions" section instead of being at the top of the page.
 * Furthermore, how does the gingerbread man help to explain or demonstrate this myth in any way? Does this image really enhance the article, or are we simply using the image for its own sake? Would you expect to see this image or a similar one in the Encyclopædia Britannica or World Book or Encarta or another encyclopedia, or only on a fun cartoonish page made for children? —Bkell 08:34, 8 May 2006 (UTC)


 * The biohazard analogy is misleading because that symbol isn't an intentional, specific depiction of MSG. Given a professional-quality caption explaining the context and meaning of the image, I don't think it's inappropriate, and I wouldn't expect to see it in a kid's page; I'm not sure about traditional encyclopedias, but I wouldn't be shocked. As for moving the image to "Misconceptions", my heart would go on. But I would much rather have it as a lead image, if only for looks, and I think we're analyzing it a lot more than any reader will. Melchoir 08:57, 8 May 2006 (UTC)

For the front page, we need an image, so discussion of cookie images makes sense, but why does THIS article need an image? The only thing I could see making sense as far as an image goes is an image of an acutal cookie, ala the image to the right. -Harmil 15:06, 8 May 2006 (UTC)


 * I think that the gingerbred image is POV, presenting cookies as mearly a privacy threat, and encouraging people to turn them off, which can be a pain to site developers who rely on them to maintain sessions on their pages. I think a good, cute, image would be a chocolate chip cookie on a computer monitor.  This wouldn't be POV, wouldn't be cryptic to people without prior knowledge like showing the HTTP request, but would still have an association to computers. --Phantom784 21:48, 8 May 2006 (UTC)

How to
HTTP_cookie seems like a How to on steeling cookies. How to's should be moved to wiki books but also. Who puts a How to on things we shouldn't be doing. It's like posting a "how to make a bomb" or a "How to hack into Wikipedia and obtain the passwords of users checking sources of pages and Vandalize under their user names to get them blocked"

I suggest you remove the code--E-Bod 03:06, 8 May 2006 (UTC)

Ahhh
Ahhh the page sudenly dissapered?. It's a Featured page how could that happen?--E-Bod 03:11, 8 May 2006 (UTC)


 * The admins are purging part of the history that contains personal information. Unfortunately, this has happened before in other featured articles.— G . H e  03:14, 8 May 2006 (UTC)
 * WOW That is so COOL--E-Bod 03:15, 8 May 2006 (UTC)


 * It appears it has happened again...— G . H e  03:16, 8 May 2006 (UTC)


 * How come this seems to be happening so often lately (within the past week) when I've never seen it before? Or has it occurred frequently before and I just missed it? -albrozdude 03:18, 8 May 2006 (UTC)


 * The first time I've seen it was at the Albatross article (Note the "/bad"'s in the article history...). During that time, I've heard that this type of vandalism was rare.— G . H e  03:19, 8 May 2006 (UTC)


 * Yeah, what's the deal? I only just noticed it yesterday during one of the periods when the last FA was temporarily a redlink. This log is ridiculous. Are the perps getting banned or what? Melchoir 03:20, 8 May 2006 (UTC)


 * Attacks are from the Wikipedia Vandalization Research Institute. Codier 03:21, 8 May 2006 (UTC)


 * How come they don't ban the IP... Banning the Accounts isn't really useful because they can make new ones, but I think very new accounts cannot modify semi-protected pages..... Maybe the vandals are using dialup, which shares IPs?— G . H e  03:24, 8 May 2006 (UTC)
 * Wow. Unfortunately you can't purge my Google Desktop Page catch stored locally on my computer. (darn another edit Conflict)E-Bod 03:25, 8 May 2006 (UTC)

Is it really necessary to have that protection tag in the article? It ruins the presentation of the featured article. Besides, the tag doesn't decide whether the article is protected or not, but rather only indicates the current situation. I'm sure that people will find that out when they try to edit the article...— G . H e  03:35, 8 May 2006 (UTC)


 * I agree 100%. I'll remove it. Shanes 03:41, 8 May 2006 (UTC)

Site examples
Please note that both http://evil.com and http://good.com exist. -- SGBailey 09:31, 8 May 2006 (UTC)


 * Yes, if there need to be example URLs, they should be located in the standard example domain: http://evil.example.com http://good.example.com


 * The example.com domain is reserved for this use. -Harmil 15:10, 8 May 2006 (UTC)


 * Unfortunately, http://evil.example.com and http://good.example.com are not correct for this example, as http://evil.example.com is allowed by the specification to set cookies that are also sent to http://good.example.com In order for this being a valid example, the two domains must differ in their second-level name. I have currently changed these to evil.net and good.net; as an alterntive, one could be example.com, but then there should be a second domain to use as an attacker. - Liberatore(T) 12:38, 10 May 2006 (UTC)

On the other hand . ..
Normally wouldn't leave a note here for such a minor edit, but, in light of recent vandalism on FA, thought it might be a good idea. The term "on the other hand" is used at least three times in the article and tends to stand out as the author does not seem to be making a "on one hand THIS and on the other hand THAT" argument. The lines in question do not need a bridge statement of any kind. The writing is strong enough on its own. Good job, btw.204.76.128.217 15:07, 8 May 2006 (UTC)thepearl

Double checked my Chicago Style Manual about capitalization of bulleted and numbered lists and made appropriate changes. I will stop now, I promise!Thepearl 15:36, 8 May 2006 (UTC)thepearl

"Textual Information"
This phrase appears in the introduction to the article. Is it actually correct? Surely 'text' is better? 'Textual' sounds a bit contrived to me... fatbarry2000 17:40, 8 May 2006 (UTC)
 * I also think that "text" is better than "textual information". - Liberatore(T) 18:31, 8 May 2006 (UTC)

A HTTP not An HTTP
OK, I'm being pedantic so slap me! But, here's the rule from the Oxford English Dictionary under an: 'Some people retain the use of an before words beginning with a sounded h e.g. an hotel, an historian. Historically this was justifiable because the h- was dropped in these words, but today this is not the case and a hotel, a historian, are now the preferred forms.' I know, I know :-) El Gringo 22:15, 8 May 2006 (UTC)


 * But is it "An H" or "A H" (the letter). I'm not really a native speaker, but it sounds wrong to me to say "A H" (or "A HTTP"). Shanes 22:19, 8 May 2006 (UTC)


 * It's correct to say an HTTP cookie, not a HTTP cookie, because what you're really saying is an aitch-tee-tee-pea cookie. Since the letter H begins with a vowel sound when pronounced, it should be preceded by an, not a. This is why it's never correct to say a honor, even though the word honor begins with an H; and it's correct to say a unicorn, not an unicorn, even though unicorn begins with a vowel. It's not the letter that starts the word that determines a or an—it's the sound that starts the word. —Bkell 22:43, 8 May 2006 (UTC)


 * At first I was unsure about this, but my Prentice Hall guide seems to agree with you. 71.254.72.181 23:08, 8 May 2006 (UTC)


 * Yes, and so does the Oxford English Dictionary, which says an is "now retained only before a vowel sound" (note that it is the sound that is important, not the spelling). Wikipedia has an article about this too; see a, an. —Bkell 23:20, 8 May 2006 (UTC)


 * Generally, when a word is shortened to its initials, an is used anyway. Ian ¹³  /t  19:22, 4 July 2006 (UTC)