mirror of https://github.com/moparisthebest/curl
CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
Document that if Set-Cookie is used without a domain then the cookie is sent for any domain and will not be modified. Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html Reported-by: Alexander Dyagilev
This commit is contained in:
Jay Satiro
parent
02dfc930b5
commit
b18a1654c1
|
|
@ -36,6 +36,13 @@ Such a cookie can be either a single line in Netscape / Mozilla format or just
|
|||
regular HTTP-style header (Set-Cookie: ...) format. This will also enable the
|
||||
cookie engine. This adds that single cookie to the internal cookie store.
|
||||
|
||||
If you use the Set-Cookie format and don't specify a domain then the cookie
|
||||
is sent for any domain and will not be modified. If a server sets a cookie of
|
||||
the same name (or maybe you've imported one) then both will be sent on a future
|
||||
transfer to that server, likely not what you intended. Either set a domain in
|
||||
Set-Cookie (doing that will include sub domains) or use the Netscape format as
|
||||
shown in EXAMPLE.
|
||||
|
||||
Additionally, there are commands available that perform actions if you pass in
|
||||
these exact strings:
|
||||
.IP ALL
|
||||
|
|
|
|||
Loading…
Reference in New Issue