Cookies are yummy, especially chocolate chip ones, however the sort of cookies that web browsers like to eat are horrible things that cause me indigestion.
A client was reporting problems with cookies so I started poking around. Turning my settings on Firefox to "ask" I keep getting the following warning:
The site www.example.com wants to modify an existing cookie.
Except it wasn't modifying the cookie. It was just sending the same data. Ok, no problem we'll fix things so that we don't send a cookie header if it hasn't changed.
Then I spot a certificate error. Somebody is linking to https://example.com when the certificate is for www.example.com. Fine, I'll just add a mod_rewrite rule:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^/(.*) http://www.example.com/$1 [L,R]
Now I hear that linking from an affilates site in Internet Explorer is giving a message saying that the user hasn't got cookies turned on. It seems that everything works fine unless the page is framed, which for some reason causes IE to reject the cookie. Arrrgh.