HTTP cookies are essential for maintaining state on the World Wide Web. Despite the vague functioning of cookies, a piece of code revealed an interesting way to save JSON values as a session cookie. This method, while slightly unconventional, worked fine in browsers until it was passed to the Go standard library. The discrepancy between what servers should send and what browsers must accept, according to RFCs, creates a challenge for standard libraries. Surprisingly, different browsers like Firefox, Chrome, and Safari handle cookie values differently, causing inconsistencies. Standard libraries like Golang and PHP struggle to handle cookies properly as well, leading to unexpected behaviors. Overall, the functioning of cookies is complex and inconsistent across different platforms, presenting challenges for developers.
https://grayduck.mn/2024/11/21/handling-cookies-is-a-minefield/