diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2003-08-04 23:05:57 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2003-08-04 23:05:57 +0000 |
| commit | 98ee12bc356e2635858049ba5e69a62bb7e5e9c2 (patch) | |
| tree | 38b40ba19d01789094cc85a117cb10a67c92692a | |
| parent | fdda786fa21a6aa06748182e69c0922360c7dd5a (diff) | |
| download | gnurl-98ee12bc356e2635858049ba5e69a62bb7e5e9c2.tar.gz gnurl-98ee12bc356e2635858049ba5e69a62bb7e5e9c2.tar.bz2 gnurl-98ee12bc356e2635858049ba5e69a62bb7e5e9c2.zip | |
Jan Sundin reported a case where curl ignored a cookie that browsers don't,
which turned up to be due to the number of dots in the 'domain'. I've now
made curl follow the the original netscape cookie spec less strict on that
part.
| -rw-r--r-- | lib/cookie.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index c9883594c..03065f909 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -234,7 +234,13 @@ Curl_cookie_add(struct CookieInfo *c, break; } } - if(dotcount < 3) { + /* The original Netscape cookie spec defined that this domain name + MUST have three dots (or two if one of the seven holy TLDs), + but it seems that these kinds of cookies are in use "out there" + so we cannot be that strict. I've therefore lowered the check + to not allow less than two dots. */ + + if(dotcount < 2) { /* Received and skipped a cookie with a domain using too few dots. */ badcookie=TRUE; /* mark this as a bad cookie */ |