Skip to content
Related Articles

Related Articles

Improve Article
HTTP headers | Set-Cookie2
  • Last Updated : 07 Nov, 2019

The HTTP Set-cookie2 is response type header and it is obsoleted. It is a provider of the mechanism to serve and retrieve state information from the client to the server. The usage of this command is usually replaced by the set cookie instead of the set cookie2. The usage of this command cookie2 is obsoleted by the RFC 6265.


Set-Cookie2: <cookie-name>=<cookie-value> | Comment=<value> | Domain=<domain-value> | 
Max-Age=<non-zero-digit> | Path=<path-value> | Discard | Secure 

Note: Using multiple directives is also possible just need to separate them by using colon “;” and multiple cookies are separated by comma “,”.


  • <cookie-name>=<cookie-value>: <cookie-name> is referred to the name of the cookie and the <cookie-value> is referred to the value of that particular cookie. If the names having $ as the starting can not be used by any of the applications available on the computer.
  • Comment=<value>: The <value> assigned to the Comment allows the server to document how it intends to use the cookie, as cookies are used for the retrieve or store the data.
  • Domain=<domain-value>: This directive defines the host where the cookie will be sent. It is an optional directive.
  • Path=<path-value>: This value assigned to the cookie specifies all the sets of the URLs on the origin server to which the cookie has been applied.
  • Max-Age=<non-zero-digit>: This constraint takes the value in delta-seconds i.e. the lifetime of the cookie in the number of the seconds, which is a decimal non-negative integer. If this life is greater than that of delta-seconds that means the user should discard the cookie.
  • Discard: This code deletes/discards the cookie by instructing the user-agent to discard it. It is deleted as soon as the user-agent terminates.
  • Secure: This constraint in default manner when written will send back the cookie directly to the origin server without any deviations, in order to maintain the confidentiality and privacy.

Example: This type of Set-cookie you may not found in the Header section of the Inspect Element of Network because it was Obsolete by the RFC 6265. Please avoid using it.

Set-Cookie2:Student="David"; Max-Age=12885; Path="/asdf"; Secure

Supported Browsers: The browsers are not compatible with HTTP header Set-Cookie2. The HTTP header Set-Cokkie2 was replaced by the HTTP header Set-Cookie.

My Personal Notes arrow_drop_up
Recommended Articles
Page :