I seem to have discovered a bug in the Nokia 7650 browser. I would just like some confirmation from someone else who has experienced the same problem or can reproduce it.
The problem is this. Suppose I send a cookie to the browser like this:
On the next request the browser sends the following header back to the application server:
When in fact it should send (notice the '$' signs):
Since 'Path', 'Domain' and 'Version' are reserved words and no cookies can be set with that name (according to RFC 2109 - http://www.ietf.org/rfc/rfc2109.txt). What the browser is in fact doing is sending three cookies named 'mycookie', 'Path' and 'Domain'. The problem with this is that many application servers (in my particular case Jakarta Tomcat) will refuse this request.
Has anyone else experienced this and/or can comment on it? I don't know how to check thw SW version of the phone but its User-Agent string is:
Nokia7650/1.0 SymbianOS/6.1 Series60/0.9 Profile/MIDP-1.0 Configuration/CLDC-1.0 UP.Link/220.127.116.11
A hack that will probably work for you is for your web application to preempt cookie handling (i.e. manually search the incoming headers for "Cookie:" line and then parse and prune out the "path" and "domain" "cookies". Obviously there is a protocol problem.
Some web applications, notably PHP, are robust enough to handle these broken cookies without blinking.
BTW, the emulator seems to have other serious problems. For instance, if I write a session cookie "S=..." and then write a permanent cookie "SN=..." later, it doesn't seem to store the permanent cookie... it just returns to me "S=...; path=....; domain=....".
Although one could parse the headers using php, if the browser on the handset is not parsing the set-cookie correctly, then it will not interpret the expires and path. Without those fields you have limited control over the cookie scope.
This may explain why it seems impossible to set a non-session cookie on the 3650 -- the phone is not seeing the expires, but instead interpreting "expires" as another cookie.