curl/tests/data/test1105, branch master cURL mirror with patches applied cookies: support creation-time attribute for cookies 2018-08-31T12:11:37+00:00 Daniel Gustafsson daniel@yesql.se 2018-08-28T09:28:50+00:00 e2ef8d6fa11b2345e10b89db525920f2a0d5fd79 According to RFC6265 section 5.4, cookies with equal path lengths SHOULD be sorted by creation-time (earlier first). This adds a creation-time record to the cookie struct in order to make cookie sorting more deterministic. The creation-time is defined as the order of the cookies in the jar, the first cookie read fro the jar being the oldest. The creation-time is thus not serialized into the jar. Also remove the strcmp() matching in the sorting as there is no lexicographic ordering in RFC6265. Existing tests are updated to match. Closes #2524 
According to RFC6265 section 5.4, cookies with equal path lengths
SHOULD be sorted by creation-time (earlier first). This adds a
creation-time record to the cookie struct in order to make cookie
sorting more deterministic. The creation-time is defined as the
order of the cookies in the jar, the first cookie read fro the
jar being the oldest. The creation-time is thus not serialized
into the jar. Also remove the strcmp() matching in the sorting as
there is no lexicographic ordering in RFC6265. Existing tests are
updated to match.

Closes #2524
tests: made a couple of prechecks consistent with others 2017-05-13T17:12:22+00:00 Dan Fandrich dan@coneharvesters.com 2017-05-13T17:04:10+00:00 fa0ac3f4d9ca095c33bca62ba2f64c95e3c3456a Also removed a TODO suggesting caching the precheck results. Tests showed this would save about 0.1 sec on the total test run time on a relatively modern system, an unnoticeable gain at the cost of longer and more complicated code. There would also be a danger that a cached test result would be inappropriately returned, such as when other test dependencies (like environment variables) are different or when the precheck causes side effects (like filesystem changes). 
Also removed a TODO suggesting caching the precheck results. Tests
showed this would save about 0.1 sec on the total test run time on a
relatively modern system, an unnoticeable gain at the cost of longer and
more complicated code. There would also be a danger that a cached test
result would be inappropriately returned, such as when other test
dependencies (like environment variables) are different or when the
precheck causes side effects (like filesystem changes).
URLs: change all http:// URLs to https:// 2016-02-02T23:19:02+00:00 Daniel Stenberg daniel@haxx.se 2016-02-02T23:19:02+00:00 4af40b3646d3b09f68e419f7ca866ff395d1f897 






cookies: only use full host matches for hosts used as IP address
2014-09-10T05:32:36+00:00

Tim Ruehsen
tim.ruehsen@gmx.de

2014-08-19T19:01:28+00:00

8a75dbeb2305297640453029b7905ef51b87e8dd

By not detecting and rejecting domain names for partial literal IP
addresses properly when parsing received HTTP cookies, libcurl can be
fooled to both send cookies to wrong sites and to allow arbitrary sites
to set cookies for others.

CVE-2014-3613

Bug: http://curl.haxx.se/docs/adv_20140910A.html





By not detecting and rejecting domain names for partial literal IP
addresses properly when parsing received HTTP cookies, libcurl can be
fooled to both send cookies to wrong sites and to allow arbitrary sites
to set cookies for others.

CVE-2014-3613

Bug: http://curl.haxx.se/docs/adv_20140910A.html







tests: specify 'text' mode for some output files in verify section
2013-03-18T19:45:35+00:00

Yang Tse
yangsita@gmail.com

2013-03-18T19:44:46+00:00

b0dfbf305a86bd8312090c6c1ff275a6f895a763












Add a HOSTIP precheck for tests 31 and 1105
2012-11-19T09:58:14+00:00

Fabian Keil
fk@fabiankeil.de

2012-11-18T13:55:29+00:00

276452ca1096c40c886eee3ea461d462b7bcdadc

They currently only work for 127.0.0.1 which
is hardcoded and can't be easily changed.





They currently only work for 127.0.0.1 which
is hardcoded and can't be easily changed.







cookies: change the URL in the cookie jar file header
2012-07-03T09:27:45+00:00

Daniel Stenberg
daniel@haxx.se

2012-07-03T09:27:45+00:00

c75ece44423b0eb4f0fdac13c6760d17c4200ade












- John P. McCaskey posted a bug report that showed how libcurl did wrong when
2009-09-26T20:51:51+00:00

Daniel Stenberg
daniel@haxx.se

2009-09-26T20:51:51+00:00

4f47fc4e14cf6e782bffa8804218acc99828bf42

  saving received cookies with no given path, if the path in the request had a
  query part. That is means a question mark (?) and characters on the right
  side of that. I wrote test case 1105 and fixed this problem.





  saving received cookies with no given path, if the path in the request had a
  query part. That is means a question mark (?) and characters on the right
  side of that. I wrote test case 1105 and fixed this problem.







added test 1105 (disabled) - it repeats a cookie path bug we need to fix
2009-09-26T11:46:41+00:00

Daniel Stenberg
daniel@haxx.se

2009-09-26T11:46:41+00:00

8d39a31e894998fff017266cff232038296f95af