On Tue, 29 Sep 2015, Tim Ruehsen wrote:
I prepared a patch to check the Set-Cookie domain values for being Public Suffices using libpsl. This is mainly for detecting and preventing 'Supercookies' being set by 'bad' web servers.
Awesome!
The patch is missing a test case - it was not obvious for me how to prevent such a test being performed when libpsl is not compiled in. I added 'has_psl' to test/runtests.pl but here I am stuck. If you could give me a hint on that (please with a test number), I'll make up a test case.
You're almost there. You created a new feature called PSL and it looks correct in the runtests.pl script (it made me remember that I should really clean up and make the general feature handling in that script more generic and to use less very long if-else sequences).
You then write your test case to require that feature in the client to work. Compare with for example test case 2005 that requires Metalink to be there to run (and 'file' support).
(You can also write test cases for the negative presence of a feature by prefixing the feature in that list with an exclamation mark, like for example test 1001 only runs if SSPI is _not_ present.)
And feel free to pick whatever test number that's available. 1136 - 1199 are available for example.
Please review / test the patch.
Looks simple enough and straight forward, I found nothing to complain about. Haven't had time to try it out yet though and I probably won't either for a few days as I have some traveling coming up.
Thanks a lot for your work and contribution! -- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
