>From 79b9d25eb78cb217b0a8fe90d33f14061db2a767 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki <[email protected]>
Date: Tue, 15 Dec 2009 23:40:47 +0100
Subject: BUG] config: fix erroneous check on cookie domain names, again
The previous check was correct: the RFC states that it is required
to have a domain-name which contained a dot AND began with a dot.
However, currently some (all?) browsers do not obey this specification,
so such configuration might work.
This patch reverts 3d8fbb6658d4414dac20892bbd9e79e14e99e67f but
changes the check from FATAL to WARNING and extends the message.
---
src/cfgparse.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 61e6bfc..841f374 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1458,13 +1458,13 @@ int cfg_parse_listen(const char *file, int linenum,
char **args, int kwm)
goto out;
}
- if (*args[cur_arg + 1] != '.' &&
!strchr(args[cur_arg + 1] + 1, '.')) {
+ if (*args[cur_arg + 1] != '.' ||
!strchr(args[cur_arg + 1] + 1, '.')) {
/* rfc2109, 4.3.2 Rejecting Cookies */
Alert("parsing [%s:%d]: domain '%s'
contains no embedded"
- " dots and does not start with
a dot.\n",
+ " dots nor does not start with
a dot."
+ " RFC forbids it, this
configuration may not work properly.\n",
file, linenum, args[cur_arg +
1]);
- err_code |= ERR_ALERT | ERR_FATAL;
- goto out;
+ err_code |= ERR_ALERT;
}
err = invalid_domainchar(args[cur_arg + 1]);
--
1.6.4.2
