cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 15 Jan 2014 12:44:09 +0100 (CET)

On Wed, 15 Jan 2014, Daniel Stenberg wrote:

> Thanks, but I couldn't help a nagging feeling we can do even better and I
> wanted to hear what you and others have to say...

Oh, and I noticed that we base max-age on "expires" which is wrong. Max-age is
the age in seconds from *now*. And if both expires and max-age are used,
max-age takes precedence. See 4.1.1.2 in RFC6265.

I think this requires a little polishing!

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-01-15

This message: [ Message body ]
Next message: Steve Holme: "Win32 use of GetVersionEx()"
Previous message: Daniel Stenberg: "Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl"
In reply to: Daniel Stenberg: "Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl"
Next in thread: chen prog: "Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl"
Reply: chen prog: "Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]