mirror of
https://github.com/moparisthebest/curl
synced 2024-11-16 06:25:03 -05:00
04f52e9b4d
I found a bug which cURL sends cookies to the path not to aim at. For example: - cURL sends a request to http://example.fake/hoge/ - server returns cookie which with path=/hoge; the point is there is NOT the '/' end of path string. - cURL sends a request to http://example.fake/hogege/ with the cookie. The reason for this old "feature" is because that behavior is what is described in the original netscape cookie spec: http://curl.haxx.se/rfc/cookie_spec.html The current cookie spec (RFC6265) clarifies the situation: http://tools.ietf.org/html/rfc6265#section-5.2.4
55 lines
918 B
Plaintext
55 lines
918 B
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
cookies
|
|
cookie path
|
|
</keywords>
|
|
</info>
|
|
<reply>
|
|
<data>
|
|
HTTP/1.1 200 OK
|
|
Date: Tue, 25 Sep 2001 19:37:44 GMT
|
|
Set-Cookie: path1=root; domain=.example.fake; path=/;
|
|
Set-Cookie: path2=depth1; domain=.example.fake; path=/hoge;
|
|
Content-Length: 34
|
|
|
|
This server says cookie path test
|
|
</data>
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<server>
|
|
http
|
|
</server>
|
|
<name>
|
|
HTTP cookie path match
|
|
</name>
|
|
<command>
|
|
http://example.fake/hoge/1228 http://example.fake/hogege/ -b nonexisting -x %HOSTIP:%HTTPPORT
|
|
</command>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<strip>
|
|
^User-Agent:.*
|
|
</strip>
|
|
<protocol>
|
|
GET http://example.fake/hoge/1228 HTTP/1.1
|
|
Host: example.fake
|
|
Accept: */*
|
|
Proxy-Connection: Keep-Alive
|
|
|
|
GET http://example.fake/hogege/ HTTP/1.1
|
|
Host: example.fake
|
|
Accept: */*
|
|
Proxy-Connection: Keep-Alive
|
|
Cookie: path1=root
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|