You misunderstand HTTP. I need to open an HTTP connection to get an image from doubleclick.net. At that time, any cookies I have for doubleclick.net are sent to them, and new cookies can be set for doubleclick.net because I have an HTTP connection to doubleclick.net. The browser doesn't care where it's chasing the IMG tag from, it just knows that on this HTTP connection, it's talking to doubleclick.net. The fact that foo.com pointed me there is irrelevant. No, I do not. I am well aware of how HTTP is designed. How Netscape works is different however. Enabling the option I mentioned causes Netscape to use the domain that the HTML page came from as the cookie domain for all embedded elements within that page. It will open an HTTP connection to doubleclick.net to get the image, and will reject the cookie because it comes from doubleclick.net's domain and not the domain of the parent page. Try it.
Slashdot Mirror
You misunderstand HTTP. I need to open an HTTP connection to get an image from doubleclick.net. At that time, any cookies I have for doubleclick.net are sent to them, and new cookies can be set for doubleclick.net because I have an HTTP connection to doubleclick.net. The browser doesn't care where it's chasing the IMG tag from, it just knows that on this HTTP connection, it's talking to doubleclick.net. The fact that foo.com pointed me there is irrelevant. No, I do not. I am well aware of how HTTP is designed. How Netscape works is different however. Enabling the option I mentioned causes Netscape to use the domain that the HTML page came from as the cookie domain for all embedded elements within that page. It will open an HTTP connection to doubleclick.net to get the image, and will reject the cookie because it comes from doubleclick.net's domain and not the domain of the parent page. Try it.