Hello curl developers, I think the cookie parsing in curl is too strict. When a web server sends a cookie with a blank expiration date (see example below) curl ignores it. I know it's a rare case, but still, wouldn't it be logical to treat it as a session cookie instead? Both firefox and IE do exactly that.
Here is an example: $ curl -V curl 7.19.5 (i486-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 libssh2/1.2.1 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz $ curl -b "" -v -L -o /dev/null http://www.banking.first-direct.com 2>&1 | grep Cookie < Set-Cookie: fda=r3596019029; path=/; expires= A fix would be very simple: diff -u cookie.c cookie.c\~ --- cookie.c 2009-10-05 10:56:49.000000000 +0100 +++ cookie.c~ 2009-04-23 12:51:08.000000000 +0100 @@ -351,8 +351,7 @@ /* Note that we store -1 in 'expires' here if the date couldn't get parsed for whatever reason. This will have the effect that the cookie won't match. */ - if( whatptr[0] ) - co->expires = curl_getdate(what, &now); + co->expires = curl_getdate(what, &now); } else if(!co->name) { co->name = strdup(name); Regards, Dima. ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
