A HTTP Cookie consists of a name-value pair and can be set by the

Question

0

Asked: June 6, 20262026-06-06T19:27:59+00:00 2026-06-06T19:27:59+00:00

A HTTP Cookie consists of a name-value pair and can be set by the

0

A HTTP Cookie consists of a name-value pair and can be set by the server using this response:

HTTP/1.0 200 OK
Content-type: text/html
Set-Cookie: name=value
Set-Cookie: name2=value2; Expires=Wed, 09 Jun 2021 10:18:14 GMT

Future requests from the client will then look like this:

GET /spec.html HTTP/1.1
Host: www.example.org
Cookie: name=value; name2=value2

Is the name of the cookie case sensitive?

For example, if my server sends a response as such:

HTTP/1.0 200 OK
Content-type: text/html
Set-Cookie: Aaaa=Bbbb
Set-Cookie: aAaa=bBbb
Set-Cookie: aaAa=bbBb
Set-Cookie: aaaA=bbbB

Is it reasonable to expect a client (Chrome, FireFox, Safari, IExplorer, Opera, etc) to send future requests with the header Cookie: Aaaa=Bbbb; aAaa=bBbb; aaAa=bbBb; aaaA=bbbB;?

_{Note: Question is neither JSP-specific, PHP-specific, nor ASP-specific.}

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-06T19:28:00+00:00

Cookie names are case-sensitive. The RFC does not state that explicitly, but each case-insensitive comparison is stated so explicitly, and there is no such explicit statement regarding the name of the cookie. Chrome and Firefox both treat cookies as case-sensitive and preserve all case variants as distinct cookies.

Test case (PHP):

print_r($_COOKIE);

setcookie('foo', '123');
setcookie('Foo', '456');

Load script twice, observe $_COOKIE dump on second run.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

A HTTP Cookie consists of a name-value pair and can be set by the

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply