mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
parent
cb222bcfef
commit
c140bd7891
@ -31,6 +31,7 @@ This release includes the following bugfixes:
|
||||
o gtls: fix for builds lacking encrypted key file support [11]
|
||||
o SCP: use libssh2_scp_recv2 to support > 2GB files on windows [12]
|
||||
o CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option [13]
|
||||
o cookie: do not refuse cookies to localhost [14]
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
@ -62,3 +63,4 @@ References to bug reports and discussions on issues:
|
||||
[11] = https://curl.haxx.se/bug/?i=651
|
||||
[12] = https://curl.haxx.se/bug/?i=451
|
||||
[13] = https://curl.haxx.se/bug/?i=653
|
||||
[14] = https://curl.haxx.se/bug/?i=658
|
||||
|
10
lib/cookie.c
10
lib/cookie.c
@ -797,10 +797,12 @@ Curl_cookie_add(struct SessionHandle *data,
|
||||
#ifdef USE_LIBPSL
|
||||
/* Check if the domain is a Public Suffix and if yes, ignore the cookie.
|
||||
This needs a libpsl compiled with builtin data. */
|
||||
if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {
|
||||
if(psl_is_public_suffix(psl, co->domain)) {
|
||||
infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",
|
||||
co->name, co->domain);
|
||||
if(domain && co->domain && !isip(co->domain)) {
|
||||
if(((psl = psl_builtin()) != NULL)
|
||||
&& !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
|
||||
infof(data,
|
||||
"cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",
|
||||
co->name, domain, co->domain);
|
||||
freecookie(co);
|
||||
return NULL;
|
||||
}
|
||||
|
@ -58,6 +58,7 @@ http://www.example.ck/1136 http://www.ck/1136 http://z-1.compute-1.amazonaws.com
|
||||
|
||||
.www.example.ck TRUE / FALSE 0 test2 allowed2
|
||||
.www.ck TRUE / FALSE 0 test4 allowed4
|
||||
.z-1.compute-1.amazonaws.com TRUE / FALSE 0 test5 forbidden5
|
||||
</file>
|
||||
</verify>
|
||||
</testcase>
|
||||
|
Loading…
Reference in New Issue
Block a user