Is the name of a cookie case sensitive?

Question

A HTTP Cookie consists of a name-value pair and can be set by the server using this response:

HTTP/1.0 200 OK
Content-type: text/html
Set-Cookie: name=value
         


        

Answer 1

According to RFC 2109 - HTTP State Management Mechanism cookie names aka attribute names are case insensitive:

4.1 Syntax: General

The two state management headers, Set-Cookie and Cookie, have common syntactic properties involving attribute-value pairs. The following grammar uses the notation, and tokens DIGIT (decimal digits) and token (informally, a sequence of non-special, non-white space characters) from the HTTP/1.1 specification [RFC 2068] to describe their syntax.

av-pairs        =       av-pair *(";" av-pair)
av-pair         =       attr ["=" value]        ; optional value
attr            =       token
value           =       word
word            =       token | quoted-string

Attributes (names) (attr) are case-insensitive. White space is permitted between tokens. Note that while the above syntax description shows value as optional, most attrs require them.