[whatwg] HTML Cookie API

Adam Barth w3c at adambarth.com
Wed Feb 24 21:11:24 PST 2010

On Wed, Feb 24, 2010 at 8:49 PM, Darin Fisher <darin at chromium.org> wrote:
> Some other random comments:
> 1- Perhaps deleteCookie should also take an optional error callback.

Done.  It's a bit strange, but deleteCookie can fail in third-party contexts.

> 2- Is it possible for setCookie to be used to set a http-only cookie?  That
> could be an interesting use case.

Some browsers allow this, but others don't.  IMHO, it doesn't matter
much for security, but some folks think that it does.


More information about the whatwg mailing list