e2daf98
From 090ee789dda468fe0d9b715ec4e5dc47a948a239 Mon Sep 17 00:00:00 2001
e2daf98
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
e2daf98
Date: Wed, 2 Mar 2016 11:07:16 +0100
e2daf98
Subject: [PATCH] cookie: do not refuse cookies for localhost
e2daf98
e2daf98
Closes #658
e2daf98
---
e2daf98
 lib/cookie.c        | 10 ++++++----
e2daf98
 tests/data/test1136 |  1 +
e2daf98
 2 files changed, 7 insertions(+), 4 deletions(-)
e2daf98
e2daf98
diff --git a/lib/cookie.c b/lib/cookie.c
e2daf98
index d62f446..e5c7b7e 100644
e2daf98
--- a/lib/cookie.c
e2daf98
+++ b/lib/cookie.c
e2daf98
@@ -788,10 +788,12 @@ Curl_cookie_add(struct SessionHandle *data,
e2daf98
 #ifdef USE_LIBPSL
e2daf98
   /* Check if the domain is a Public Suffix and if yes, ignore the cookie.
e2daf98
      This needs a libpsl compiled with builtin data. */
e2daf98
-  if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {
e2daf98
-    if(psl_is_public_suffix(psl, co->domain)) {
e2daf98
-      infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",
e2daf98
-            co->name, co->domain);
e2daf98
+  if(domain && co->domain && !isip(co->domain)) {
e2daf98
+    if (((psl = psl_builtin()) != NULL)
e2daf98
+        && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
e2daf98
+      infof(data,
e2daf98
+            "cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",
e2daf98
+            co->name, domain, co->domain);
e2daf98
       freecookie(co);
e2daf98
       return NULL;
e2daf98
     }
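Review bot: The new outer condition `if(domain && co->domain && !isip(co->domain))` skips the public-suffix check entirely when `domain` is NULL, whereas the removed code tested `co->domain` regardless of the requesting host. If Curl_cookie_add can be called with a NULL `domain` (its callers are not visible here, and its body starts and ends outside this hunk), a cookie scoped to a public suffix would now be stored unchecked. Consider keeping `psl_is_public_suffix(psl, co->domain)` as the fallback for that path, or add a comment such as `/* no request host (domain == NULL): PSL check intentionally skipped */` if that is the intent. The check also still fails open without any log line when `psl_builtin()` returns NULL, which an `infof()` in that branch would make visible. As a style point, `if (((psl = psl_builtin()) != NULL)` has a space after `if`, unlike the `if(` on the line above it.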
e2daf98
diff --git a/tests/data/test1136 b/tests/data/test1136
e2daf98
index e42ca06..d3327e8 100644
e2daf98
--- a/tests/data/test1136
e2daf98
+++ b/tests/data/test1136
e2daf98
@@ -58,6 +58,7 @@ http://www.example.ck/1136 http://www.ck/1136 http://z-1.compute-1.amazonaws.com
e2daf98
 
e2daf98
 .www.example.ck	TRUE	/	FALSE	0	test2	allowed2
e2daf98
 .www.ck	TRUE	/	FALSE	0	test4	allowed4
e2daf98
+.z-1.compute-1.amazonaws.com	TRUE	/	FALSE	0	test5	forbidden5
e2daf98
 </file>
e2daf98
 </verify>
e2daf98
 </testcase>
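Review bot: The added expected-jar line stores a cookie whose value is still `forbidden5`, which reads as though the cookie should have been rejected, although this commit makes it an accepted one. Renaming the value to something like `allowed5` (here and in the response data, which is outside this hunk) would keep the test self-describing. None of the visible lines exercise the localhost case named in the subject, so a case for it would be worth adding if the file does not already have one.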
e2daf98
-- 
e2daf98
2.5.0
e2daf98