curl-library
[PATCH] cookie path match fail
Date: Fri, 17 May 2013 15:49:41 +0900
Hello cURL hackers,
I found a bug which cURL sends cookies to the path not to aim at.
For example:
- cURL sends a request to http://example.fake/hoge/
- server returns cookie which with path=/hoge;
the point is there is NOT the '/' end of path string.
- cURL sends a request to http://example.fake/hogege/ with the cookie.
Because Curl_cookie_getlist() compares path using strncmp().
I think cURL should send without the cookie, this case.
An attached patch fixs this problem and test case.
Best regards,
thanks
===============
YAMADA Yasuharu
ACCESS CO., LTD.
Yasuharu.Yamada_at_access-company.com
-- . ________________________________________ The contents of this e-mail message and any attachments are confidential and are intended solely for the addressee. The information may also be legally privileged. This transmission is sent in trust, and the sole purpose of delivery to the intended recipient. If you have received this transmission in error, any use, reproduction or dissemination of this transmission is strictly prohibited. If you are not the intended recipient, please immediately notify the sender by reply e-mailer and delete this message and its attachments, if any. Thank you for your cooperation. ________________________________________
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
- application/octet-stream attachment: cookie_path_match.diff
- application/octet-stream attachment: test9010