Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delete cookies does not work in 7.88.1 #10677

Closed
ghost opened this issue Mar 5, 2023 · 3 comments
Closed

Delete cookies does not work in 7.88.1 #10677

ghost opened this issue Mar 5, 2023 · 3 comments
Assignees
@bagder
Labels
cookies

Comments

@ghost
Copy link

ghost commented Mar 5, 2023 

Version:
curl --version
curl 7.88.1 (x86_64-suse-linux-gnu) libcurl/7.88.1 OpenSSL/3.0.8 zlib/1.2.13 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.3 libpsl/0.21.1 (+libidn2/2.3.3) libssh/0.10.4/openssl/zlib nghttp2/1.50.0
Release-Date: 2023-02-20
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd
---------------------
Here is the cookies.txt file before:
# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie6	991
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie5	990
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie4	950
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie3	900
#HttpOnly_127.0.0.2	FALSE	/func_test/	FALSE	1709598616	mycookie2	5900
#HttpOnly_127.0.0.2	FALSE	/	FALSE	1709598616	mycookie1	4900
#HttpOnly_127.0.0.2	FALSE	/func_test/	FALSE	0	mycookie	1200
****
---------------------
The following is the output from:
curl -v -b cookies.txt -c cookies.txt "http://127.0.0.1/func_test/del_cookie"
---------------------
*   Trying 127.0.0.2:80...
* Connected to 127.0.0.2 (127.0.0.2) port 80 (#0)
> GET /func_test/del_cookie HTTP/1.1
> Host: 127.0.0.2
> User-Agent: curl/7.88.1
> Accept: */*
> Cookie: mycookie2=5900; mycookie=1200; mycookie3=900; mycookie4=950; mycookie5=990; mycookie6=991; mycookie1=4900
> 
< HTTP/1.1 200 OK
< Date: Sun, 05 Mar 2023 00:30:22 GMT
< Server: Apache
< Cache-Control: max-age=0, no-cache
< Pragma: no-cache
* Added cookie mycookie2="" for domain 127.0.0.2, path /, expire 1
< Set-Cookie: mycookie2=; Path=/; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie="" for domain 127.0.0.2, path /func_test/, expire 1
< Set-Cookie: mycookie=; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie3="" for domain 127.0.0.2, path /func_test, expire 1
< Set-Cookie: mycookie3=; Path=/func_test; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie4="" for domain 127.0.0.2, path /func_test, expire 1
< Set-Cookie: mycookie4=; Path=/func_test; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie5="" for domain 127.0.0.2, path /func_test, expire 1
< Set-Cookie: mycookie5=; Path=/func_test; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie6="" for domain 127.0.0.2, path /func_test, expire 1
< Set-Cookie: mycookie6=; Path=/func_test; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
* Replaced cookie mycookie1="" for domain 127.0.0.2, path /, expire 1
< Set-Cookie: mycookie1=; Path=/; Max-Age=-1; Expires=Thu, 01 Jan 1970 00:00:00 GMT
< Transfer-Encoding: chunked
< Content-Type: text/html;charset=utf-8
< 
---------------------
However, the cookies.txt file has NOT changed most of the cookies (i.e. evicted the above where expired, mycookie, mycookie3, mycookie4, mycooki5 and mycookie6 should have been removed) - here is the cookies.txt after the above:
---------------------
# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_127.0.0.2	FALSE	/func_test/	FALSE	0	mycookie	1200
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie3	900
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie4	950
#HttpOnly_127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie5	990
127.0.0.2	FALSE	/func_test	FALSE	1709598616	mycookie6	991
#HttpOnly_127.0.0.2	FALSE	/func_test/	FALSE	1709598616	mycookie2	5900
---------------------
You can see that only mycookie1 with path of "/" was evicted, all others stayed.
---------------------
This behavior is only in 7.88.1. It was NOT there in 7.81.0, where all cookies are deleted properly.
@ghost
Copy link
Author

ghost commented Mar 5, 2023

Btw, this was on OpenSUSE Tumbleweed, version 20221006

@bagder bagder self-assigned this Mar 5, 2023
@bagder bagder added the cookies label Mar 5, 2023
bagder added a commit that referenced this issue Mar 5, 2023
@bagder
cookie: don't load cookies again when flushing
0ab2b6e 
Reported-by: Sergio Mijatovic
Fixes #10677
@bagder bagder linked a pull request Mar 5, 2023 that will close this issue
Fix cookies loaded fine from jar then expired in headers #10685
Closed
@ghost
Copy link
Author

ghost commented Mar 6, 2023

I tried the fix and it worked. Thank you! I will leave it open as I am unsure of your workflow, but as far as I am concerned it worked.

@bagder
Copy link
Member

bagder commented Mar 6, 2023
edited

Thanks for confirming. This issue will be closed when we merge the PR that addresses it.

@bagder bagder closed this as completed in 45d4bf5 Mar 6, 2023
bch pushed a commit to bch/curl that referenced this issue Jul 19, 2023
@bagder @bch
cookie: don't load cookies again when flushing
cbc9535 
Reported-by: Sergio Mijatovic
Fixes curl#10677
Closes curl#10685
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bagder bagder

Labels
cookies
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix cookies loaded fine from jar then expired in headers curl/curl
1 participant
@bagder