aboutsummaryrefslogtreecommitdiff
path: root/lib/cookie.c
AgeCommit message (Collapse)Author
2008-10-15- Pascal Terjan filed bug #2154627Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl uses strcasecmp() in multiple places where it causes failures when the Turkish locale is used. This is because 'i' and 'I' isn't the same letter so strcasecmp() on those letters are different in Turkish than in English (or just about all other languages). I thus introduced a totally new internal function in libcurl (called Curl_ascii_equal) for doing case insentive comparisons for english-(ascii?) style strings that thus will make "file" and "FILE" match even if the Turkish locale is selected.
2008-10-13Removed superfluous check of clist->name, as in this code path that pointerDaniel Stenberg
has already been dereferenced so it is bound to be valid. Pointed out to us by coverity.com
2008-09-08- Stefan Krause pointed out that libcurl would wrongly send away cookies toDaniel Stenberg
sites in cases where the cookie clearly has a very old expiry date. The condition was simply that libcurl's date parser would fail to convert the date and it would then count as a (timed-based) match. Starting now, a missed date due to an unsupported date format or date range will now cause the cookie to not match.
2008-09-06remove unnecessary typecasting of malloc()Yang Tse
2008-09-06remove unnecessary typecasting of calloc()Yang Tse
2008-08-28- I'm abandoning the system with the web site mirrors (but keeping downloadDaniel Stenberg
files bing mirrored) and thus I've changed the URL in the cookiejar header to no longer use curlm.haxx.se but instead use the main site curl.haxx.se
2008-08-16Library internal only C preprocessor macros FORMAT_OFF_T and FORMAT_OFF_TUYang Tse
remain in use as internal curl_off_t print formatting strings for the internal *printf functions which still cannot handle print formatting string directives such as "I64d", "I64u", and others available on MSVC, MinGW, Intel's ICC, and other DOS/Windows compilers. This reverts previous commit part which did: FORMAT_OFF_T -> CURL_FORMAT_CURL_OFF_T FORMAT_OFF_TU -> CURL_FORMAT_CURL_OFF_TU
2008-08-15For congruency sake with the naming of other CURL_XXXXXX_CURL_OFF_T macros,Yang Tse
the names of the curl_off_t formatting string directives now become CURL_FORMAT_CURL_OFF_T and CURL_FORMAT_CURL_OFF_TU. CURL_FMT_OFF_T -> CURL_FORMAT_CURL_OFF_T CURL_FMT_OFF_TU -> CURL_FORMAT_CURL_OFF_TU Remove the use of an internal name for the curl_off_t formatting string directives and use the common one available from the inside and outside of the library. FORMAT_OFF_T -> CURL_FORMAT_CURL_OFF_T FORMAT_OFF_TU -> CURL_FORMAT_CURL_OFF_TU
2008-01-31- Niklas Angebrand made the cookie support in libcurl properly deal with theDaniel Stenberg
"HttpOnly" feature introduced by Microsoft and apparently also supported by Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly is now supported when received from servers in HTTP headers, when written to cookie jars and when read from existing cookie jars.
2008-01-23"Igor" pointed out that CURLOPT_COOKIELIST set to "ALL" leaked memory, and soDaniel Stenberg
did "SESS". Fixed now.
2007-11-07if () => if()Daniel Stenberg
while () => while() and some other minor re-indentings
2007-08-29Added lots of constsDan Fandrich
2007-04-07fix out of memory handling issueYang Tse
2007-04-04Fixed file handle leak in OOM condition.Dan Fandrich
2007-03-25fix compiler warningYang Tse
2007-02-14avoid using funtion isblank() and just use our ISBLANKYang Tse
macro to provide this functionality on all platforms
2007-02-14compiler warning fixYang Tse
2007-02-13use our own ISBLANK macroYang Tse
2007-01-13make Curl_cookie_clearall() survive getting called with a NULL pointerDaniel Stenberg
2006-09-27As reported in bug: #1566077 the former URL mentioned in the generated cookieDaniel Stenberg
jar has died and we now instead point out our own version of that
2006-07-08Ates Goral pointed out that libcurl's cookie parser did case insensitiveDaniel Stenberg
string comparisons on the path which is incorrect and provided a patch that fixes this. I edited test case 8 to include details that test for this.
2006-05-24Michael Wallner provided a patch that allows "SESS" to be set withDaniel Stenberg
CURLOPT_COOKIELIST, which then makes all session cookies get cleared. (slightly edited by me, and the re-indent in cookie.c was also done by me)
2005-08-17remove the typecast to long from time_t, since we now store it as curl_off_tDaniel Stenberg
2005-08-17- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (withDaniel Stenberg
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to write the result to a given cookie jar and then never actually call curl_easy_perform() - the given file(s) to read was never read but the output file was written and thus it caused a "funny" result. - While doing some tests for the bug above, I noticed that Firefox generates large numbers (for the expire time) in the cookies.txt file and libcurl didn't treat them properly. Now it does.
2005-07-28curl standard indent/formatDaniel Stenberg
2005-07-27Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is aDaniel Stenberg
simple interface to extracting and setting cookies in libcurl's internal "cookie jar". See the new cookie_interface.c example code.
2005-04-26Cory Nelson's work on nuking compiler warnings when building on x64 withDaniel Stenberg
VS2005.
2005-03-31Updated the copyright year since changes have been this year.Daniel Stenberg
2005-03-04Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activateDaniel Stenberg
the cookie "engine" without having to provide an empty or non-existing file.
2004-12-22Rune Kleveland fixed a minor memory leak for received cookies with the (rare)Daniel Stenberg
version attribute set.
2004-12-05Dan Fandrich added the --disable-cookies option to configure to buildDaniel Stenberg
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar.
2004-10-16libcurl leaked memory for cookies with the "max-age" field set.Daniel Stenberg
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-10-03Replaced the use of isspace() with our own version instead since we have mostDaniel Stenberg
data as 'char *' and that makes us pass in negative values if there is 8bit data in the string. Changing to unsigned causes too much warnings or too many required typecasts to the normal string functions.
2004-09-13getdate.h is not required to include, it adds nothing newDaniel Stenberg
2004-08-04Dylan Salisbury's fix to prevent us from accepting cookies from TLD onlyDaniel Stenberg
2004-07-26Bertrand Demiddelaer fixed two missing newlinesDaniel Stenberg
2004-06-305K array on the stack is a big hefty, it is now allocated with mallocDaniel Stenberg
instead
2004-06-22David Cohen pointed out that RFC2109 says clients should allow cookies toDaniel Stenberg
contain least 4096 bytes while libcurl only allowed 2047. I raised the limit to 4999 now and made the used buffer get malloc()ed instead of simply allocated on stack as before.
2004-05-21While talking to host a.b.c, libcurl did wrongly not accept cookies that wereDaniel Stenberg
set to the domain .a.b.c (that is with a dot prefix). This is now fixed and test case 171 verifies it.
2004-05-12general cleanup to bail out nice and clean when a memory function failsDaniel Stenberg
to deliver
2004-05-11curl_global_init_mem() allows the memory functions to be replaced.Daniel Stenberg
memory.h is included everywhere for this.
2004-05-10if a malloc fails, clear up the memory and return failureDaniel Stenberg
2004-03-10strequal() returns int so we typecast the return to bool when we store theDaniel Stenberg
result as bool
2004-02-26use calloc instead of malloc and we won't have to memset() the structDaniel Stenberg
2004-02-26Clear up int/long/size_t/ssize_t usage a bitDaniel Stenberg
2004-01-29Dan Fandrich's cleanup patch to make pedantic compiler options cause lessDaniel Stenberg
warnings. Minor edits by me.
2004-01-07updated year in the copyright stringDaniel Stenberg
2003-08-11Added some infof() calls, that require the data pointer so now severalDaniel Stenberg
cookie functions need that. I also fixed the cookie loader to properly load and deal with cookies without contents (or rather with a blank content).
2003-08-04 Jan Sundin reported a case where curl ignored a cookie that browsers don't,Daniel Stenberg
which turned up to be due to the number of dots in the 'domain'. I've now made curl follow the the original netscape cookie spec less strict on that part.