Results 1 to 5 of 5

Thread: auto-serving cookies from my hosting - a legal liability?

  1. #1

    Question enforced serving of cookies - a legal liability?

    So I have a website which I've recently been trying to optimise as it looks to webpagetest. I'm keenly aware of my novice status here, but I'm trying to cover all the basic stuff.

    Anyway, I noticed that the server was sending cookies, for example:


    Response Headers:

    HTTP/1.1 200 OK
    Set-Cookie: 90plan=Rxxxxxxxxxx; path=/; expires=Fri, 02-Mar-2012 02:30:01 GMT
    Date: Tue, 28 Feb 2012 14:20:55 GMT
    Server: Apache/2.2.X (OVH)
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 2502
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/html; charset=UTF-8
    where the 'x' is a digit 0..9 (since I don't know what the number represents I blanked it)

    The expires bit might conceivably be down to caching headers (which I've been adding). But I don't think the '90plan' bit is down to anything I've done. I'd quite like it not to happen unless there's a technical necessity. Because otherwise, as I understand it, fairly recent changes in the law make it illegal to serve cookies without getting permission first! Even if it's a technical requirement, I think declaring it is legally required.
    Last edited by Lysis; 01-03-2012 at 14:44.

  2. #2
    HG XXXL + MegaRAID Myatu's Avatar
    Join Date
    Feb 2009
    Location
    Hammersmith, UK
    Posts
    2,507

    Re: auto-serving cookies from my hosting - a legal liability?

    That cookie law is the stupidest thing the EU has come up with, and a technical nightmare (in terms of 3rd party cookies). But, personal opinions aside, the UK has until May this year to catch up with that law before it is fully enforceable.
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

    Visit my blog | Leave a PM | OVH SBL IP listing


  3. #3

    Re: auto-serving cookies from my hosting - a legal liability?

    I think certain cookies (serving some particular function) are allowed right? I don't remember the details.
    Yes! I am winking at you

  4. #4
    HG XXXL + MegaRAID Myatu's Avatar
    Join Date
    Feb 2009
    Location
    Hammersmith, UK
    Posts
    2,507

    Re: auto-serving cookies from my hosting - a legal liability?

    Yes, "Essential" cookies are permitted. Those that are required to make the website work in its most basic form (shopping cart, load balancing, etc). Could well be that OVH cookie falls in that class, indeed...
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

    Visit my blog | Leave a PM | OVH SBL IP listing


  5. #5

    Re: auto-serving cookies from my hosting - a legal liability?

    I contacted support about this, and got the following reply:

    This cookie is in place to ensure that you are always associated with the same server in the web hosting cluster, it's to account for any potential sessions that you may have running, and there is no way of disabling it.

    All it does is ensure that you will return to the same server you had been accessing when you initially loaded the page.

    Regards,
    I think this means that it's technically necessary for serving the webpage, and a simple note on the privacy page will suffice.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •