curl-library
Re: why does curl silently discard expired cookies and can this be disabled?
Date: Wed, 19 Aug 2015 10:26:55 +0200 (CEST)
On Tue, 18 Aug 2015, Guenter.Pusch_at_loewe.de wrote:
> I'm developing software for TV receivers which support the MHEG5 interactive
> service (which is something comparable to HbbTV). MHEG5 is standardized by
> ETSI ES 202 184, which specifies the following: " 15.7.5 Cookie support
> Receivers shall support the use of cookies via the Cookie request header and
> Set Cookie response header as defined by RFC 6265 [32]. All cookies shall be
> stored transiently, regardless of any specified expiration date or age.
> [...]"
I think this is the key. You want the cookies to be stored "regardless of any
specified expiration date" and libcurl actually expires out of date cookies
since cookies have an expiry time... The expiration of cookies was added in
7.33.0.
> I don't know how the "libcurl.so.x.y.z"-version maps to the official curl
> version.
We can't tell either for sure, but curl_version() and curl_version_info() will
tell you exactly.
> I think that in general RFC 6265 permits this behavior, but why not leave it
> to the application?
RFC 6265 says "max-age" takes precedence over "expires" and it says "If
delta-seconds is less than or equal to zero (0), let expiry-time be the
earliest representable date and time."
I would of course strongly advice against sending both as it is confusing to
everyone.
I don't see how the RFC says that we must store expired cookies anywhere. What
section are you referring to?
> - If not, is it possible to change curl, e.g. by adding a new CURL_OPTION to
> restore the "old" behaviour and let the application decide when to remove an
> expired cookie?
I could be persuaded to support such an option, but I would like some more
clarifcations!
What is the actual use for outdated cookies? Why does the server expire the
cookies if you need them (and can use them) after they're expired?
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2015-08-19