
curl-library

Re: [PATCH] fix cookie max-age field integer overflow bug in libcurl

From: chen prog <prog.chen_at_gmail.com>
Date: Thu, 16 Jan 2014 11:11:55 +0800

As far as I know, there are two problems at this place.
First, dealing with the max-age integer overflow.
Second, when the HTTP server sets cookie max-age and expires at once, libcurl
is not RFC 6265 friendly.

Answers to your 3 questions:
1. Too long seems a poor excuse; you can fix it to

    co->expires = strtol((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0],NULL,10);
    co->expires += (long)now;

2. Not max-age larger than 31 bits, but (now + max-age) may be.
3. This bug can occur on Windows 7 with VS2005, and it supports int64; is this
system old?

On Wed, Jan 15, 2014 at 7:44 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:

> On Wed, 15 Jan 2014, Daniel Stenberg wrote:
>
>> Thanks, but I couldn't help a nagging feeling we can do even better and I
>> wanted to hear what you and others have to say...
>>
>
> Oh, and I noticed that we base max-age on "expires" which is wrong.
> Max-age is the age in seconds from *now*. And if both expires and max-age
> are used, max-age takes precedence. See 4.1.1.2 in RFC6265.
>
> I think this requires a little polishing!
>
>
> --
>
> / daniel.haxx.se
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
>

Received on 2014-01-16
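
The two points raised in this thread (the overflow of now + max-age, and max-age taking precedence over expires), as an added example that is not code from the thread or from libcurl. The function name cookie_expiry and the return conventions (0 for a session cookie, 1 for an already expired cookie) are assumptions of this example.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

/* Hypothetical helper, not libcurl's code: compute a cookie's absolute
   expiry time from its Max-Age and Expires attributes.
   maxage:  raw Max-Age value, or NULL when the attribute is absent
   expires: absolute time already parsed from Expires, 0 when absent
   now:     current time in seconds
   Assumed conventions: 0 means session cookie, 1 means already expired. */
long cookie_expiry(const char *maxage, long expires, long now)
{
  char *end;
  long age;

  if(!maxage)
    return expires; /* only Expires (or neither attribute) was sent */

  if(*maxage == '\"')
    maxage++; /* skip an opening quote, as the code in the thread does */

  errno = 0;
  age = strtol(maxage, &end, 10);
  if(end == maxage)
    return expires; /* no digits at all: ignore Max-Age */

  if(errno == ERANGE)
    age = (age < 0) ? LONG_MIN : LONG_MAX; /* value did not fit in a long */

  if(age <= 0)
    return 1; /* zero or negative Max-Age expires the cookie immediately */

  /* Max-Age counts from now and overrides Expires. Saturate instead of
     letting now + age wrap around; age is positive at this point. */
  if(now > 0 && age > LONG_MAX - now)
    return LONG_MAX;
  return now + age;
}
```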