Hi Tim, Thanks for your answer. I spent my day going through RFC 6265. And I'd like to clarify some things.
>From what I read and understood, if the header does not domain-match, wget should ignore the cookie. AFAIK, wget does successfully ignore that cookie currently. However, I cannot understand the output of wget: "Cookie coming from localhost attempted to set domain to localhost" That is cookie->domain and host were a match and yet it failed the check_domain_match(cookie->domain, host) call. Is this a bug? I'll attempt getting and reading a stacktrace for the same to get more information. The sixth test in Test-cookies.px, is it meant to fail? My Perl is terrible, and I've been trying to improve it. Does it mean that the expected header for that cookie should NOT include "foo=bar"? On Tue, Feb 12, 2013 at 1:13 PM, Tim Ruehsen <[email protected]> wrote: > Am Monday 11 February 2013 schrieb Darshit Shah: > > One of the 70 tests written for wget fails. The error message is: > > > *** Mismatch on !Cookie: =~ (?^:foo=bar) > > > 400 Mismatch on expected headers > > > 2013-02-12 03:05:48 ERROR 400: Mismatch on expected headers. > > > > Now, I was wondering, in the ideal case, what is wget expected to do in > > such a case? Should wget ignore the cookie like it does in testcase 5 > for a > > mismatched domain? > > > > Any help/advice on this front would be greatly appreciated. > > > > File in question is: Test-cookies.px > > I sent the patch 9.11.2012, when I realized wget fails to handle > non-matching > cookies. The bug has still to be fixed in wget - the test correctly fails. > > Here is a cite from my email: > "Also included is a test for testing the ignorance of a non-matching > domain in > the Set-Cookie header. (wget fails, but shouldn't due to RFC 6265 5.3.6). > wget just replaces that foreign domain with the domain from the > request-uri." > > I already created correctly working library routines for cookie handling > incl. > Mozilla Public Suffix handling. It is not decided yet, if this library ever > links to a future wget. And it is still not released and needs more work > (any > help appreciated !). If interested: it is still in > https://github.com/rockdaboot/mget, but will move into it's own project > soon. > > Fixing the issue in wget1.x would be a nice move, though. > > > Regards, > > Tim Rühsen > -- Thanking You, Darshit Shah Research Lead, Code Innovation Kill Code Phobia. B.E.(Hons.) Mechanical Engineering, '14. BITS-Pilani. TEDxBITSHyderabad: Website: http://tedxbitshyderabad.com Facebook Page: https://www.facebook.com/TedxBitsHyderabad
