Delete HTTP headers Cookie2 and Set-Cookie2

[bershanskiy]

Summary

Delete HTTP headers Cookie2 and Set-Cookie2

Motivation

These headers are obsolete and have not been used anywhere in a while now. For context, the proposed standard RFC 6265 which obsoleted them was published in April 2011.

Supporting details

See MDN tables for Cookie2 and Set-Cookie2.
Chrome and Firefox do not process these headers, they just treat them as any other nonsensical "magic bytes" passing on the wire.

Related issues

mdn/browser-compat-data#15405

Metadata

• Adds a new document
• Rewrites (or significantly expands) a document
• Fixes a typo, bug, or other error

[github-actions]

Preview URLs

• https://pr13965.content.dev.mdn.mozit.cloud/en-US/docs/Glossary/Forbidden_header_name
• https://pr13965.content.dev.mdn.mozit.cloud/en-US/docs/Glossary/Forbidden_response_header_name
• https://pr13965.content.dev.mdn.mozit.cloud/en-US/docs/Web/API/Response/type
• https://pr13965.content.dev.mdn.mozit.cloud/en-US/docs/Web/API/XMLHttpRequest/getAllResponseHeaders
• https://pr13965.content.dev.mdn.mozit.cloud/en-US/docs/Web/HTTP/Headers

Flaws

Note! 4 documents with no flaws that don't need to be listed. 🎉

URL: /en-US/docs/Web/HTTP/Headers
Title: HTTP headers
on GitHub
Flaw count: 1

• macros:
  • wrong xref macro used (consider changing which macro you use)

External URLs

URL: /en-US/docs/Web/HTTP/Headers
Title: HTTP headers
on GitHub

• https://datatracker.ietf.org/doc/html/draft-ruellan-http-accept-push-policy-00 (2 times)
• https://datatracker.ietf.org/doc/html/rfc4229 (1 time)
• https://datatracker.ietf.org/doc/html/rfc5988 (1 time)
• https://datatracker.ietf.org/doc/html/rfc6648 (1 time)
• https://datatracker.ietf.org/doc/html/rfc7230 (2 times)
• https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/18488178/ (1 time)
• https://developers.google.com/search/reference/robots_meta_tag (1 time)
• https://docs.microsoft.com/previous-versions/windows/internet-explorer/ie-developer/compatibility/jj542450(v=vs.85)? (1 time)
• https://en.wikipedia.org/wiki/List_of_HTTP_header_fields (1 time)
• https://httpwg.org/specs/ (1 time)
• https://w3c.github.io/ServiceWorker/ (2 times)
• https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html (3 times)
• https://www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html (1 time)
• https://www.iana.org/assignments/message-headers/perm-headers.html (2 times)
• https://www.iana.org/assignments/message-headers/prov-headers.html (1 time)

---

URL: /en-US/docs/Web/API/Response/type
Title: Response.type
on GitHub

No new external URLs

---

URL: /en-US/docs/Web/API/XMLHttpRequest/getAllResponseHeaders
Title: XMLHttpRequest.getAllResponseHeaders()
on GitHub

No new external URLs

---

URL: /en-US/docs/Glossary/Forbidden_header_name
Title: Forbidden header name
on GitHub

• https://bugs.chromium.org/p/chromium/issues/detail?id=571722 (1 time)
• https://fetch.spec.whatwg.org/ (1 time)

---

URL: /en-US/docs/Glossary/Forbidden_response_header_name
Title: Forbidden response header name
on GitHub

No new external URLs

[sideshowbarker]

Yeah, these are essentially just cruft and it’s hard to imagine anybody having any need for them at all at this point