On Sep 9, 2014, at 04:01 , vipin kumar <vipin786allawadhi@xxxxxxxxx> wrote: > Thanks Eric. > > can you please share any real network wireshark traces which can show that cookie can come in between as well. That should not be necessary - the standard does not require any specific order, therefore any well-behaved server should handle any order. The first tool I've tried - curl - does indeed send any additional Headers after the Cookie header: $ curl -H 'foo: bar' -vb "baz=quux" http://google.com/ * Hostname was NOT found in DNS cache * Trying 74.125.136.100... * Connected to google.com (74.125.136.100) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.37.1 > Host: google.com > Accept: */* > Cookie: baz=quux > foo: bar > < HTTP/1.1 302 Found < Cache-Control: private < Content-Type: text/html; charset=UTF-8 < Location: http://www.google.de/?gfe_rd=cr&ei=_tAOVOWrL8mX-Aaa8ICoDQ < Content-Length: 258 < Date: Tue, 09 Sep 2014 10:05:50 GMT * Server GFE/2.0 is not blacklisted < Server: GFE/2.0 < Alternate-Protocol: 80:quic < --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|