Commit Graph

87 Commits

Author SHA1 Message Date
Daniel Stenberg
a62e155ca4 - Niklas Angebrand made the cookie support in libcurl properly deal with the
"HttpOnly" feature introduced by Microsoft and apparently also supported by
  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
  is now supported when received from servers in HTTP headers, when written to
  cookie jars and when read from existing cookie jars.
2008-01-31 12:21:57 +00:00
Daniel Stenberg
c914e6ea5d "Igor" pointed out that CURLOPT_COOKIELIST set to "ALL" leaked memory, and so
did "SESS". Fixed now.
2008-01-23 22:22:12 +00:00
Daniel Stenberg
cbd1a77ec2 if () => if()
while () => while()
and some other minor re-indentings
2007-11-07 09:21:35 +00:00
Dan Fandrich
1b66c1da6c Added lots of consts 2007-08-29 05:36:53 +00:00
Yang Tse
d9e89e170f fix out of memory handling issue 2007-04-07 04:51:35 +00:00
Dan Fandrich
7e74349b86 Fixed file handle leak in OOM condition. 2007-04-04 22:49:12 +00:00
Yang Tse
f08ac86834 fix compiler warning 2007-03-25 02:30:58 +00:00
Yang Tse
fbcf86b83e avoid using funtion isblank() and just use our ISBLANK
macro to provide this functionality on all platforms
2007-02-14 13:31:37 +00:00
Yang Tse
5c3f36b4b4 compiler warning fix 2007-02-14 04:45:30 +00:00
Yang Tse
6d05a33ed9 use our own ISBLANK macro 2007-02-13 17:47:27 +00:00
Daniel Stenberg
277df1c6b1 make Curl_cookie_clearall() survive getting called with a NULL pointer 2007-01-13 23:32:14 +00:00
Daniel Stenberg
68e9f75708 As reported in bug: #1566077 the former URL mentioned in the generated cookie
jar has died and we now instead point out our own version of that
2006-09-27 21:00:45 +00:00
Daniel Stenberg
28611704d9 Ates Goral pointed out that libcurl's cookie parser did case insensitive
string comparisons on the path which is incorrect and provided a patch that
fixes this. I edited test case 8 to include details that test for this.
2006-07-08 18:52:08 +00:00
Daniel Stenberg
606562aa7e Michael Wallner provided a patch that allows "SESS" to be set with
CURLOPT_COOKIELIST, which then makes all session cookies get cleared. (slightly
edited by me, and the re-indent in cookie.c was also done by me)
2006-05-24 22:46:38 +00:00
Daniel Stenberg
90e1a6905a remove the typecast to long from time_t, since we now store it as curl_off_t 2005-08-17 09:11:27 +00:00
Daniel Stenberg
a676c18502 - Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
  write the result to a given cookie jar and then never actually call
  curl_easy_perform() - the given file(s) to read was never read but the
  output file was written and thus it caused a "funny" result.

- While doing some tests for the bug above, I noticed that Firefox generates
  large numbers (for the expire time) in the cookies.txt file and libcurl
  didn't treat them properly. Now it does.
2005-08-17 08:55:43 +00:00
Daniel Stenberg
1c388a52a5 curl standard indent/format 2005-07-28 21:49:58 +00:00
Daniel Stenberg
2236ba0d20 Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is a
simple interface to extracting and setting cookies in libcurl's internal
"cookie jar". See the new cookie_interface.c example code.
2005-07-27 22:17:14 +00:00
Daniel Stenberg
6b1220b61d Cory Nelson's work on nuking compiler warnings when building on x64 with
VS2005.
2005-04-26 13:08:49 +00:00
Daniel Stenberg
ab4086bc24 Updated the copyright year since changes have been this year. 2005-03-31 07:02:02 +00:00
Daniel Stenberg
6f752c64bc Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
the cookie "engine" without having to provide an empty or non-existing file.
2005-03-04 00:26:50 +00:00
Daniel Stenberg
67abd4cd47 Rune Kleveland fixed a minor memory leak for received cookies with the (rare)
version attribute set.
2004-12-22 22:33:31 +00:00
Daniel Stenberg
ac269a8f68 Dan Fandrich added the --disable-cookies option to configure to build
libcurl without cookie support. This is mainly useful if you want to build a
minimalistic libcurl with no cookies support at all. Like for embedded
systems or similar.
2004-12-05 23:59:32 +00:00
Daniel Stenberg
f40c9b83df libcurl leaked memory for cookies with the "max-age" field set. 2004-10-16 13:54:40 +00:00
Daniel Stenberg
39af394a1c removed tabs and trailing whitespace from source 2004-10-06 07:50:18 +00:00
Daniel Stenberg
be7ce435c0 Replaced the use of isspace() with our own version instead since we have most
data as 'char *' and that makes us pass in negative values if there is 8bit
data in the string. Changing to unsigned causes too much warnings or too many
required typecasts to the normal string functions.
2004-10-03 21:02:01 +00:00
Daniel Stenberg
13cc010e38 getdate.h is not required to include, it adds nothing new 2004-09-13 20:47:15 +00:00
Daniel Stenberg
de6ab3de22 Dylan Salisbury's fix to prevent us from accepting cookies from TLD only 2004-08-04 12:26:27 +00:00
Daniel Stenberg
0e03165467 Bertrand Demiddelaer fixed two missing newlines 2004-07-26 15:42:07 +00:00
Daniel Stenberg
ce945bd2f0 5K array on the stack is a big hefty, it is now allocated with malloc
instead
2004-06-30 12:05:07 +00:00
Daniel Stenberg
35558e6bd7 David Cohen pointed out that RFC2109 says clients should allow cookies to
contain least 4096 bytes while libcurl only allowed 2047. I raised the limit
to 4999 now and made the used buffer get malloc()ed instead of simply
allocated on stack as before.
2004-06-22 21:15:51 +00:00
Daniel Stenberg
755f98e768 While talking to host a.b.c, libcurl did wrongly not accept cookies that were
set to the domain .a.b.c (that is with a dot prefix). This is now fixed and
test case 171 verifies it.
2004-05-21 20:40:15 +00:00
Daniel Stenberg
34e8baab9a general cleanup to bail out nice and clean when a memory function fails
to deliver
2004-05-12 12:04:38 +00:00
Daniel Stenberg
bbafb2eb27 curl_global_init_mem() allows the memory functions to be replaced.
memory.h is included everywhere for this.
2004-05-11 11:30:23 +00:00
Daniel Stenberg
5dcab07c54 if a malloc fails, clear up the memory and return failure 2004-05-10 14:04:06 +00:00
Daniel Stenberg
9948250723 strequal() returns int so we typecast the return to bool when we store the
result as bool
2004-03-10 09:41:37 +00:00
Daniel Stenberg
7d8cd5906c use calloc instead of malloc and we won't have to memset() the struct 2004-02-26 14:52:16 +00:00
Daniel Stenberg
d571064b65 Clear up int/long/size_t/ssize_t usage a bit 2004-02-26 13:40:43 +00:00
Daniel Stenberg
4d17d6876e Dan Fandrich's cleanup patch to make pedantic compiler options cause less
warnings. Minor edits by me.
2004-01-29 13:56:45 +00:00
Daniel Stenberg
053f6c85ef updated year in the copyright string 2004-01-07 09:19:33 +00:00
Daniel Stenberg
168703b7bf Added some infof() calls, that require the data pointer so now several
cookie functions need that.

I also fixed the cookie loader to properly load and deal with cookies without
contents (or rather with a blank content).
2003-08-11 09:55:11 +00:00
Daniel Stenberg
98ee12bc35 Jan Sundin reported a case where curl ignored a cookie that browsers don't,
which turned up to be due to the number of dots in the 'domain'. I've now
  made curl follow the the original netscape cookie spec less strict on that
  part.
2003-08-04 23:05:57 +00:00
Daniel Stenberg
2bd71d70ff use CURLDEBUG instead of MALLOCDEBUG 2003-06-26 06:50:32 +00:00
Daniel Stenberg
465de793e8 Skip any preceeding dots from the domain name of cookies when we keep them
in memory, only add it when we save the cookie. This makes all tailmatching
and domain string matching internally a lot easier.

This was also the reason for a remaining bug I introduced in my overhaul.
2003-05-15 22:28:19 +00:00
Daniel Stenberg
efd836d971 Many cookie fixes:
o Save domains in jars like Mozilla does. It means all domains set in
    Set-Cookie: headers are dot-prefixed.
  o Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars (the
    second column).
  o Reject cookies using illegal domains in the Set-Cookie: line. Concerns
    both domains with too few dots or domains that are outside the currently
    operating server host's domain.
  o Set the path part by default to the one used in the request, if none was
    set in the Set-Cookie line.
2003-04-30 17:03:43 +00:00
Sterling Hughes
ad6fca28f9 testing, ignore this commit 2003-03-31 15:59:17 +00:00
Daniel Stenberg
a7c72b7abf removed the local variables for emacs and vim, use the new sample.emacs
way for emacs, and vim users should provide a similar non-polluting style
2003-01-29 10:14:20 +00:00
Daniel Stenberg
f26a338a54 copyright year update in the source header 2003-01-16 21:08:12 +00:00
Daniel Stenberg
01387f42c5 kromJx@crosswinds.net's fix that now uses checkprefix() instead of
strnequal() when the third argument was strlen(first argument) anyway.
This makes it less prone to errors. (Slightly edited by me)
2002-10-28 21:52:00 +00:00
Daniel Stenberg
ba4e69bebc updated source code boilerplate/header 2002-09-03 11:52:59 +00:00