Hello cURL hackers, I found a bug which cURL sends cookies to the path not to aim at. For example: - cURL sends a request to http://example.fake/hoge/ - server returns cookie which with path=/hoge; the point is there is NOT the '/' end of path string. - cURL sends a request to http://example.fake/hogege/ with the cookie.
Because Curl_cookie_getlist() compares path using strncmp(). I think cURL should send without the cookie, this case. An attached patch fixs this problem and test case. Best regards, thanks =============== YAMADA Yasuharu ACCESS CO., LTD. [email protected] -- . ________________________________________ The contents of this e-mail message and any attachments are confidential and are intended solely for the addressee. The information may also be legally privileged. This transmission is sent in trust, and the sole purpose of delivery to the intended recipient. If you have received this transmission in error, any use, reproduction or dissemination of this transmission is strictly prohibited. If you are not the intended recipient, please immediately notify the sender by reply e-mailer and delete this message and its attachments, if any. Thank you for your cooperation. ________________________________________
cookie_path_match.diff
Description: Binary data
test9010
Description: Binary data
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
