diff options
author | Sergei Kuzmin <sergeikuzmin@gmail.com> | 2016-10-02 21:34:59 -0700 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-03 16:49:35 +0200 |
commit | 54e48b14e1ecf399149b137bb741cf84a73b1f32 (patch) | |
tree | f16031e237366916571cc986d38025b1b9135902 /lib/vauth/oauth2.c | |
parent | 2a1d538963c5861d729eea2b4bb271fad03217d1 (diff) |
cookies: same domain handling changed to match browser behavior
Cokie with the same domain but different tailmatching property are now
considered different and do not replace each other. If header contains
following lines then two cookies will be set: Set-Cookie: foo=bar;
domain=.foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 Set-Cookie: foo=baz;
domain=foo.com; expires=Thu Mar 3 GMT 8:56:27 2033
This matches Chrome, Opera, Safari, and Firefox behavior. When sending
stored tokens to foo.com Chrome, Opera, Firefox store send them in the
stored order, while Safari pre-sort the cookies.
Closes #1050
Diffstat (limited to 'lib/vauth/oauth2.c')
0 files changed, 0 insertions, 0 deletions