Hi Krzysztof,
On Tue, Dec 15, 2009 at 10:48:23PM +0100, Krzysztof Piotr Oledzki wrote:
> >From b05e4be21fc2a1f56fc43cedc0229dd45fb54158 Mon Sep 17 00:00:00 2001
> From: Krzysztof Piotr Oledzki <[email protected]>
> Date: Tue, 15 Dec 2009 22:45:54 +0100
> Subject: [BUG] config: fix erroneous check on cookie domain names, again
>
> The previous check was correct: the RFC states that it is required
> to have a domain-name which contained a dot AND began with a dot.
> However, currently some (all?) browsers do not obey this specification,
> so such configuration might work.
>
> This patch reverts 3d8fbb6658d4414dac20892bbd9e79e14e99e67f but
> changes the check from FATAL to WARNING and extends the warning.
I agree with this proposed behaviour (and failed to apply it in time).
I also think that I will add a warning for the multiple domains usage
because not all browsers support it either. However, your patch below
does not reflect what it says above. I believe you diffed between some
wrong commit IDs.
Regards,
Willy
> ---
> src/cfgparse.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/src/cfgparse.c b/src/cfgparse.c
> index 6b73dea..841f374 100644
> --- a/src/cfgparse.c
> +++ b/src/cfgparse.c
> @@ -1461,7 +1461,8 @@ int cfg_parse_listen(const char *file, int linenum,
> char **args, int kwm)
> if (*args[cur_arg + 1] != '.' ||
> !strchr(args[cur_arg + 1] + 1, '.')) {
> /* rfc2109, 4.3.2 Rejecting Cookies */
> Alert("parsing [%s:%d]: domain '%s'
> contains no embedded"
> - " dots or does not start with a
> dot. RFC forbids it, so such configuration may not work properly.\n",
> + " dots nor does not start with
> a dot."
> + " RFC forbids it, this
> configuration may not work properly.\n",
> file, linenum, args[cur_arg +
> 1]);
> err_code |= ERR_ALERT;
> }
> --
> 1.6.4.2
>
