curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

max cookie age capped to 400 days

From: Daniel Stenberg via curl-library <>
Date: Mon, 18 Dec 2023 11:27:47 +0100 (CET)


In the draft document for the pending cookie RFC update [1], there is language
that says user-agents should limit the maximum expiry time for cookies to no
more than 400 days.

I have a PR [2] that implements this. The only problem is that in order to get
a stable test output, this needs to set the time to a fixed value. In order to
set the time for a test, it can only do this in debug builds.

Thus, this change converts four cookie tests (31, 46, 61 and 1415) to become
debug-build-only tests, which then of course limits cookie testing for those
*not* doing debug builds.

I don't like this, but I also can't think of a way to do this test nicely
without leaning on debug-only features. Unless perhaps we add some math
knowledge to the test runner, but it seems fragile as well.

Anyone with a better idea or thoughts on this topic?

[1] =
[2] =

  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
Received on 2023-12-18