...the cookie name=value always appears first in the string hdrString (as opposed to path=/; domain=.whatever.com )
Does anyone know if this is a requirement? That the cookie name=value always appears first? If so I am going to write my code to rely on that...
Example of an HTTP response from google.com, which sets a cookie with attributes.
Beside the name/value pair, a cookie may also contain an expiration date, a path, a domain name, and whether the cookie is intended only for encrypted connections. RFC 2965 also specifies that cookies must have a mandatory version number, but this is usually omitted. These pieces of data follow the name=newvalue pair and are separated by semicolons. For example, a cookie can be created by the server by sending a line Set-Cookie: name=newvalue; expires=date; path=/; domain=.example.org.
Can anyone else verify?