{"draft":"draft-ietf-httpstate-cookie-23","doc_id":"RFC6265","title":"HTTP State Management Mechanism","authors":["A. Barth"],"format":["ASCII","HTML"],"page_count":"37","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"HTTP State Management Mechanism","abstract":"This document defines the HTTP Cookie and Set-Cookie header fields.\r\nThese header fields can be used by HTTP servers to store state\r\n(called cookies) at HTTP user agents, letting the servers maintain a\r\nstateful session over the mostly stateless HTTP protocol.  Although\r\ncookies have many historical infelicities that degrade their security\r\nand privacy, the Cookie and Set-Cookie header fields are widely used\r\non the Internet.  This document obsoletes RFC 2965.  [STANDARDS-TRACK]","pub_date":"April 2011","keywords":["[--------]","Cookie","Set-Cookie","Secure","HttpOnly"],"obsoletes":["RFC2965"],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6265","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6265"}