mirror of
https://github.com/moparisthebest/curl
synced 2024-11-18 07:25:14 -05:00
04f52e9b4d
I found a bug which cURL sends cookies to the path not to aim at. For example: - cURL sends a request to http://example.fake/hoge/ - server returns cookie which with path=/hoge; the point is there is NOT the '/' end of path string. - cURL sends a request to http://example.fake/hogege/ with the cookie. The reason for this old "feature" is because that behavior is what is described in the original netscape cookie spec: http://curl.haxx.se/rfc/cookie_spec.html The current cookie spec (RFC6265) clarifies the situation: http://tools.ietf.org/html/rfc6265#section-5.2.4
67 lines
1.4 KiB
Plaintext
67 lines
1.4 KiB
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
cookies
|
|
</keywords>
|
|
</info>
|
|
# Server-side
|
|
<reply>
|
|
<data>
|
|
HTTP/1.1 200 OK swsclose
|
|
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
|
Server: test-server/fake
|
|
|
|
</data>
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<server>
|
|
http
|
|
</server>
|
|
<name>
|
|
HTTP with cookie parsing from header file
|
|
</name>
|
|
<command>
|
|
http://%HOSTIP:%HTTPPORT/we/want/8 -b log/heads8.txt
|
|
</command>
|
|
|
|
# We create this file before the command is invoked!
|
|
<file name="log/heads8.txt">
|
|
HTTP/1.1 200 OK
|
|
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
|
Server: test-server/fake
|
|
Content-Type: text/html
|
|
Funny-head: yesyes
|
|
Set-Cookie: foobar=name; domain=%HOSTIP; path=/;
|
|
Set-Cookie: mismatch=this; domain=%HOSTIP; path="/silly/";
|
|
Set-Cookie: partmatch=present; domain=.0.0.1; path=/w;
|
|
Set-Cookie: duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey;
|
|
Set-Cookie: cookie=yes; path=/we;
|
|
Set-Cookie: cookie=perhaps; path=/we/want;
|
|
Set-Cookie: nocookie=yes; path=/WE;
|
|
Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad;
|
|
|
|
</file>
|
|
<precheck>
|
|
perl -e 'if ("%HOSTIP" !~ /\.0\.0\.1$/) {print "Test only works for HOSTIPs ending with .0.0.1"; exit(1)}'
|
|
</precheck>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent:.*
|
|
</strip>
|
|
<protocol>
|
|
GET /we/want/8 HTTP/1.1
|
|
Host: %HOSTIP:%HTTPPORT
|
|
Accept: */*
|
|
Cookie: cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|