On 4 July 2011 21:11, Daniel Stenberg <[email protected]> wrote: > On Sun, 3 Jul 2011, Rob Ward wrote: > > I've recently started learning the internals of how Curl works and in >> doing so decided to have a go at fixing a bug(3349227) where curl does not >> understand the secure= attribute in cookies. I have attached a set of >> proposed patches that include the fix and an update to test 31 that verifies >> the fix. This implementation is based on my limited understanding of how the >> cookies code(and the internals of curl) works so I would suggest it be >> checked in case I have missed a simpler solution. >> > > Hi Rob, thanks for your contribution and desire to help! > > Since the cookie RFC allows 'secure=' instead of 'secure', it also allows > 'httponly=' instead of 'httponly' so I think we should adapt for that > version too while we're at it, and add that to the test case. Oh, and > perhaps we should also add a test case or two for when the cookie name is > actually 'secure' or 'httponly' as in 'secure=yes' since then it isn't the > same as when 'secure='. > > -- > > / daniel.haxx.se > ------------------------------**------------------------------**------- > List admin: > http://cool.haxx.se/list/**listinfo/curl-library<http://cool.haxx.se/list/listinfo/curl-library> > Etiquette: > http://curl.haxx.se/mail/**etiquette.html<http://curl.haxx.se/mail/etiquette.html> >
That's fine, I can look at making them changes over the next few days. I've listed the proposed test cases below based off of the tests I already have and the ones you have proposed, do they look sensible? Can anyone think of any other tests that could/should be added? Rob Ward Set-Cookie: sec1value=secure1 ; domain=127.0.0.1; path=/secure1/ ; secure Set-Cookie: sec2value=secure2 ; domain=127.0.0.1; path=/secure2/ ; secure= Set-Cookie: sec3value=secure3 ; domain=127.0.0.1; path=/secure/ ; secure= Set-Cookie: sec4value=secure4 ; secure=; domain=127.0.0.1; path=/secure2/; Set-Cookie: secure=very1 ; secure=; domain=127.0.0.1; path=/secure2/; Set-Cookie: secure=very2 ; secure; domain=127.0.0.1; path=/secure2/; Set-Cookie: secure=very3 ; domain=127.0.0.1; path=/secure2/; secure Set-Cookie: secure=very4 ; domain=127.0.0.1; path=/secure2/; secure= Set-Cookie: name1=value1 ; domain=127.0.0.1; path=/p1/; httponly Set-Cookie: name2=value2 ; domain=127.0.0.1; path=/p2/; httponly= Set-Cookie: name3=value3 ; httponly; domain=127.0.0.1; path=/p3/; Set-Cookie: name4=value4 ; httponly=; domain=127.0.0.1; path=/p4/; Set-Cookie: httponly=myvalue ; domain=127.0.0.1; path=/p4/; httponly Set-Cookie: httponly=myvalue2 ; domain=127.0.0.1; path=/p4/; httponly= -- ------------------------------ Rob Ward www.rob-ward.co.uk
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
