cookies: only consider full path matches
I found a bug which cURL sends cookies to the path not to aim at. For example: - cURL sends a request to http://example.fake/hoge/ - server returns cookie which with path=/hoge; the point is there is NOT the '/' end of path string. - cURL sends a request to http://example.fake/hogege/ with the cookie. The reason for this old "feature" is because that behavior is what is described in the original netscape cookie spec: http://curl.haxx.se/rfc/cookie_spec.html The current cookie spec (RFC6265) clarifies the situation: http://tools.ietf.org/html/rfc6265#section-5.2.4
This commit is contained in:
YAMADA Yasuharu
committed by
Daniel Stenberg
Daniel Stenberg
parent
100a33f7ff
commit
04f52e9b4d
@@ -59,7 +59,7 @@ perl -e 'if ("%HOSTIP" !~ /\.0\.0\.1$/) {print "Test only works for HOSTIPs endi
|
||||
GET /we/want/8 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
Cookie: cookie=perhaps; cookie=yes; partmatch=present; foobar=name; blexp=yesyes
|
||||
Cookie: cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
|
||||
Reference in New Issue
Block a user