diff options
author | Daniel Stenberg <daniel@haxx.se> | 2014-08-19 21:11:20 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2014-09-10 07:32:36 +0200 |
commit | a76825a5efa6b41d3a1d4f275dada2f017f6f566 (patch) | |
tree | c1c48922e1b81e969a27a119793e6b27a2beae5f /tests | |
parent | 8a75dbeb2305297640453029b7905ef51b87e8dd (diff) |
cookies: reject incoming cookies set for TLDs
Test 61 was modified to verify this.
CVE-2014-3620
Reported-by: Tim Ruehsen
URL: http://curl.haxx.se/docs/adv_20140910B.html
Diffstat (limited to 'tests')
-rw-r--r-- | tests/data/test61 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tests/data/test61 b/tests/data/test61 index d2de2790a..e6dbbb901 100644 --- a/tests/data/test61 +++ b/tests/data/test61 @@ -23,6 +23,7 @@ Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure
Set-Cookie: test5=name; domain=anything.com; path=/ ; secure
Set-Cookie: fake=fooledyou; domain=..com; path=/;
+Set-Cookie: supercookie=fooledyou; domain=.com; path=/;^M Content-Length: 4
boo |