cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Bug 3349227

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 4 Jul 2011 22:11:40 +0200 (CEST)

On Sun, 3 Jul 2011, Rob Ward wrote:

> I've recently started learning the internals of how Curl works and in doing
> so decided to have a go at fixing a bug(3349227) where curl does not
> understand the secure= attribute in cookies. I have attached a set of
> proposed patches that include the fix and an update to test 31 that verifies
> the fix. This implementation is based on my limited understanding of how the
> cookies code(and the internals of curl) works so I would suggest it be
> checked in case I have missed a simpler solution.

Hi Rob, thanks for your contribution and desire to help!

Since the cookie RFC allows 'secure=' instead of 'secure', it also allows
'httponly=' instead of 'httponly' so I think we should adapt for that version
too while we're at it, and add that to the test case. Oh, and perhaps we
should also add a test case or two for when the cookie name is actually
'secure' or 'httponly' as in 'secure=yes' since then it isn't the same as when
'secure='.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2011-07-04

This message: [ Message body ]
Next message: Rob Ward: "Re: Bug 3349227"
Previous message: Daniel Stenberg: "Re: POST, 100 continue, and 404"
In reply to: Rob Ward: "Bug 3349227"
Next in thread: Rob Ward: "Re: Bug 3349227"
Reply: Rob Ward: "Re: Bug 3349227"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]