- Dima Barsky made the curl cookie parser accept cookies even with blank or

unparsable expiry dates and then treat them as session cookies - previously libcurl would reject cookies with a date format it couldn't parse. Research shows that the major browser treat such cookies as session cookies. I modified test 8 and 31 to verify this.
author: Daniel Stenberg <daniel@haxx.se> 2009-10-25 18:15:14 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2009-10-25 18:15:14 +0000
commit: 448d2b5f491067f110e96c4a60342d0c34dd7010 (patch)
tree: b54da8c69276d819718665cec680bcc1ee6ef5f4 /lib
parent: 7867d442514ca2da5f33bc928fa37c442085ade3 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/cookie.c b/lib/cookie.c
index d121c0b29..89f90f1d3 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -363,9 +363,8 @@ Curl_cookie_add(struct SessionHandle *data,
               badcookie = TRUE;
               break;
             }
-            /* Note that we store -1 in 'expires' here if the date couldn't
-               get parsed for whatever reason. This will have the effect that
-               the cookie won't match. */
+            /* Note that if the date couldn't get parsed for whatever reason,
+               the cookie will be treated as a session cookie */
             co->expires = curl_getdate(what, &now);
 
             /* Session cookies have expires set to 0 so if we get that back
@@ -373,6 +372,8 @@ Curl_cookie_add(struct SessionHandle *data,
                non-session cookie */
             if (co->expires == 0)
               co->expires = 1;
+            else if( co->expires < 0 )
+                co->expires = 0;
           }
           else if(!co->name) {
             co->name = strdup(name);
author	Daniel Stenberg <daniel@haxx.se>	2009-10-25 18:15:14 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2009-10-25 18:15:14 +0000
commit	448d2b5f491067f110e96c4a60342d0c34dd7010 (patch)
tree	b54da8c69276d819718665cec680bcc1ee6ef5f4 /lib
parent	7867d442514ca2da5f33bc928fa37c442085ade3 (diff)