But RFC 6265 5.3.6 also states: > If the canonicalized request-host does not domain-match the > domain-attribute: > > Ignore the cookie entirely and abort these steps. > > Otherwise: > > Set the cookie's host-only-flag to false. > > Set the cookie's domain to the domain-attribute. > > Since wget does indeed set the cookie's domain as the domain attribute when it fails a domain-match, I don't think we should count it as a bug. This also obsoletes Test #6 since now we do not need to test for that erroneous cookie. Am I correct?
On Wed, Feb 13, 2013 at 2:49 PM, Tim Ruehsen <tim.rueh...@gmx.de> wrote: > Hi Darshit, > > > From what I read and understood, if the header does not domain-match, > wget > > should ignore the cookie. AFAIK, wget does successfully ignore that > cookie > > currently. > > Yes, that is a current bug of wget. > > > However, I cannot understand the output of wget: > > "Cookie coming from localhost attempted to set domain to localhost" > > That is cookie->domain and host were a match and yet it failed the > > check_domain_match(cookie->domain, host) call. > > Is this a bug? I'll attempt getting and reading a stacktrace for the same > > to get more information. > > Ángel already made it clear. > > > The sixth test in Test-cookies.px, is it meant to fail? My Perl is > > terrible, and I've been trying to improve it. Does it mean that the > > expected header for that cookie should NOT include "foo=bar"? > > Request #5 makes the server respond with a Cookie that does not match the > request domain. This simulates a misbehaving server. Wget should ignore > that > cookie, which is tested in Request #6. "!Cookie" => qr|foo=bar|" means 'the > Wget request must not contain a Cookie header containing foo=bar' (the > server > side checks that). > > Regards, > > Tim Rühsen > -- Thanking You, Darshit Shah Research Lead, Code Innovation Kill Code Phobia. B.E.(Hons.) Mechanical Engineering, '14. BITS-Pilani. TEDxBITSHyderabad: Website: http://tedxbitshyderabad.com Facebook Page: https://www.facebook.com/TedxBitsHyderabad