CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
Document that if Set-Cookie is used without a domain then the cookie is sent for any domain and will not be modified. Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html Reported-by: Alexander Dyagilev
This commit is contained in:
Jay Satiro
@@ -36,6 +36,13 @@ Such a cookie can be either a single line in Netscape / Mozilla format or just
|
|||||||
regular HTTP-style header (Set-Cookie: ...) format. This will also enable the
|
regular HTTP-style header (Set-Cookie: ...) format. This will also enable the
|
||||||
cookie engine. This adds that single cookie to the internal cookie store.
|
cookie engine. This adds that single cookie to the internal cookie store.
|
||||||
|
|
||||||
|
If you use the Set-Cookie format and don't specify a domain then the cookie
|
||||||
|
is sent for any domain and will not be modified. If a server sets a cookie of
|
||||||
|
the same name (or maybe you've imported one) then both will be sent on a future
|
||||||
|
transfer to that server, likely not what you intended. Either set a domain in
|
||||||
|
Set-Cookie (doing that will include sub domains) or use the Netscape format as
|
||||||
|
shown in EXAMPLE.
|
||||||
|
|
||||||
Additionally, there are commands available that perform actions if you pass in
|
Additionally, there are commands available that perform actions if you pass in
|
||||||
these exact strings:
|
these exact strings:
|
||||||
.IP ALL
|
.IP ALL
|
||||||
|
|||||||
Reference in New Issue
Block a user