diff options
author | Daniel Gustafsson <daniel@yesql.se> | 2018-12-13 09:57:58 +0100 |
---|---|---|
committer | Daniel Gustafsson <daniel@yesql.se> | 2018-12-13 09:57:58 +0100 |
commit | 7a09b52c98ac8d840a8a9907b1a1d9a9e684bcf5 (patch) | |
tree | 65ff353305bd1d837519f292bf934a498ae4ed13 /tests/data/test31 | |
parent | fdc5563b6e80bcdda89d68705cb5488ecc3a48ce (diff) |
cookies: leave secure cookies alone
Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.
Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Diffstat (limited to 'tests/data/test31')
-rw-r--r-- | tests/data/test31 | 18 |
1 files changed, 0 insertions, 18 deletions
diff --git a/tests/data/test31 b/tests/data/test31 index 78f3766e9..58398c55d 100644 --- a/tests/data/test31 +++ b/tests/data/test31 @@ -100,7 +100,6 @@ Accept: */* # https://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. -127.0.0.1 FALSE /we/want/ TRUE 0 securewithspace after 127.0.0.1 FALSE /we/want/ FALSE 0 prespace yes before 127.0.0.1 FALSE /we/want/ FALSE 0 withspaces2 before equals 127.0.0.1 FALSE /we/want/ FALSE 0 withspaces yes within and around @@ -108,28 +107,11 @@ Accept: */* #HttpOnly_127.0.0.1 FALSE /silly/ FALSE 0 magic yessir 127.0.0.1 FALSE /we/want/ FALSE 2054030187 nodomain value 127.0.0.1 FALSE / FALSE 0 partmatch present -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec8 myvalue9 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec7 myvalue8 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec6 myvalue7 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec5 myvalue6 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec4 myvalue5 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec3 myvalue4 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec2 myvalue3 -#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec myvalue2 #HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httponly myvalue1 #HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httpo4 value4 #HttpOnly_127.0.0.1 FALSE /p3/ FALSE 0 httpo3 value3 #HttpOnly_127.0.0.1 FALSE /p2/ FALSE 0 httpo2 value2 #HttpOnly_127.0.0.1 FALSE /p1/ FALSE 0 httpo1 value1 -127.0.0.1 FALSE /secure9/ TRUE 0 secure very1 -127.0.0.1 FALSE /secure8/ TRUE 0 sec8value secure8 -127.0.0.1 FALSE /secure7/ TRUE 0 sec7value secure7 -127.0.0.1 FALSE /secure6/ TRUE 0 sec6value secure6 -127.0.0.1 FALSE /secure5/ TRUE 0 sec5value secure5 -127.0.0.1 FALSE /secure4/ TRUE 0 sec4value secure4 -127.0.0.1 FALSE /secure3/ TRUE 0 sec3value secure3 -127.0.0.1 FALSE /secure2/ TRUE 0 sec2value secure2 -127.0.0.1 FALSE /secure1/ TRUE 0 sec1value secure1 127.0.0.1 FALSE /overwrite FALSE 0 overwrite this2 127.0.0.1 FALSE /silly/ FALSE 0 ismatch this </file> |