aboutsummaryrefslogtreecommitdiff
path: root/lib/cookie.c
AgeCommit message (Collapse)Author
2005-08-17- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (withDaniel Stenberg
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to write the result to a given cookie jar and then never actually call curl_easy_perform() - the given file(s) to read was never read but the output file was written and thus it caused a "funny" result. - While doing some tests for the bug above, I noticed that Firefox generates large numbers (for the expire time) in the cookies.txt file and libcurl didn't treat them properly. Now it does.
2005-07-28curl standard indent/formatDaniel Stenberg
2005-07-27Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is aDaniel Stenberg
simple interface to extracting and setting cookies in libcurl's internal "cookie jar". See the new cookie_interface.c example code.
2005-04-26Cory Nelson's work on nuking compiler warnings when building on x64 withDaniel Stenberg
VS2005.
2005-03-31Updated the copyright year since changes have been this year.Daniel Stenberg
2005-03-04Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activateDaniel Stenberg
the cookie "engine" without having to provide an empty or non-existing file.
2004-12-22Rune Kleveland fixed a minor memory leak for received cookies with the (rare)Daniel Stenberg
version attribute set.
2004-12-05Dan Fandrich added the --disable-cookies option to configure to buildDaniel Stenberg
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar.
2004-10-16libcurl leaked memory for cookies with the "max-age" field set.Daniel Stenberg
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-10-03Replaced the use of isspace() with our own version instead since we have mostDaniel Stenberg
data as 'char *' and that makes us pass in negative values if there is 8bit data in the string. Changing to unsigned causes too much warnings or too many required typecasts to the normal string functions.
2004-09-13getdate.h is not required to include, it adds nothing newDaniel Stenberg
2004-08-04Dylan Salisbury's fix to prevent us from accepting cookies from TLD onlyDaniel Stenberg
2004-07-26Bertrand Demiddelaer fixed two missing newlinesDaniel Stenberg
2004-06-305K array on the stack is a big hefty, it is now allocated with mallocDaniel Stenberg
instead
2004-06-22David Cohen pointed out that RFC2109 says clients should allow cookies toDaniel Stenberg
contain least 4096 bytes while libcurl only allowed 2047. I raised the limit to 4999 now and made the used buffer get malloc()ed instead of simply allocated on stack as before.
2004-05-21While talking to host a.b.c, libcurl did wrongly not accept cookies that wereDaniel Stenberg
set to the domain .a.b.c (that is with a dot prefix). This is now fixed and test case 171 verifies it.
2004-05-12general cleanup to bail out nice and clean when a memory function failsDaniel Stenberg
to deliver
2004-05-11curl_global_init_mem() allows the memory functions to be replaced.Daniel Stenberg
memory.h is included everywhere for this.
2004-05-10if a malloc fails, clear up the memory and return failureDaniel Stenberg
2004-03-10strequal() returns int so we typecast the return to bool when we store theDaniel Stenberg
result as bool
2004-02-26use calloc instead of malloc and we won't have to memset() the structDaniel Stenberg
2004-02-26Clear up int/long/size_t/ssize_t usage a bitDaniel Stenberg
2004-01-29Dan Fandrich's cleanup patch to make pedantic compiler options cause lessDaniel Stenberg
warnings. Minor edits by me.
2004-01-07updated year in the copyright stringDaniel Stenberg
2003-08-11Added some infof() calls, that require the data pointer so now severalDaniel Stenberg
cookie functions need that. I also fixed the cookie loader to properly load and deal with cookies without contents (or rather with a blank content).
2003-08-04 Jan Sundin reported a case where curl ignored a cookie that browsers don't,Daniel Stenberg
which turned up to be due to the number of dots in the 'domain'. I've now made curl follow the the original netscape cookie spec less strict on that part.
2003-06-26use CURLDEBUG instead of MALLOCDEBUGDaniel Stenberg
2003-05-15Skip any preceeding dots from the domain name of cookies when we keep themDaniel Stenberg
in memory, only add it when we save the cookie. This makes all tailmatching and domain string matching internally a lot easier. This was also the reason for a remaining bug I introduced in my overhaul.
2003-04-30Many cookie fixes:Daniel Stenberg
o Save domains in jars like Mozilla does. It means all domains set in Set-Cookie: headers are dot-prefixed. o Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars (the second column). o Reject cookies using illegal domains in the Set-Cookie: line. Concerns both domains with too few dots or domains that are outside the currently operating server host's domain. o Set the path part by default to the one used in the request, if none was set in the Set-Cookie line.
2003-03-31testing, ignore this commitSterling Hughes
2003-01-29removed the local variables for emacs and vim, use the new sample.emacsDaniel Stenberg
way for emacs, and vim users should provide a similar non-polluting style
2003-01-16copyright year update in the source headerDaniel Stenberg
2002-10-28kromJx@crosswinds.net's fix that now uses checkprefix() instead ofDaniel Stenberg
strnequal() when the third argument was strlen(first argument) anyway. This makes it less prone to errors. (Slightly edited by me)
2002-09-03updated source code boilerplate/headerDaniel Stenberg
2002-07-29properly skip white spaces on Set-Cookie: header linesDaniel Stenberg
2002-06-11added disable-[protocol] support, largely provided by Miklos NemethDaniel Stenberg
2002-05-07support for ingoring session cookies addedDaniel Stenberg
2002-04-14Dirk Manske made libcurl strip off white spaces from the beginning of cookieDaniel Stenberg
contents.
2002-03-25Jacky Lam cookie parser fix for domains with preceeding dotDaniel Stenberg
2002-03-19copyright string (year) updateDaniel Stenberg
2002-02-27made Max-Age work as defined in the RFC.Daniel Stenberg
my brain damaged fix to not parse spaces as part of the value is now fixed to instead strip off trailing spaces from values.
2002-02-26When saving a cookie jar, set field 1 (counted from 0) properly to TRUE if theDaniel Stenberg
domain starts with a dot.
2002-02-26removed crash on weird input, this also better discards silly inputDaniel Stenberg
2002-01-07As identified in bug report #495290, the last "name=value" pair in aDaniel Stenberg
Set-Cookie: line was ignored if they didn't end with a trailing semicolon. This is indeed wrong syntax, but there are high-profile web sites out there sending cookies like that so we must make a best-effort to parse them.
2002-01-07added precautions to not go insane when two matching cookies end up in theDaniel Stenberg
cookie list, even though they're not supposed to do that...
2001-10-30prevent strdup()ing NULL -- Paul Harrington's reportDaniel Stenberg
2001-10-24T. Bharath found this memory leak. It occurs when we replace an internallyDaniel Stenberg
already existing cookie with a new one.
2001-10-11looks nicer and is better compatible with older vim versionsSterling Hughes
2001-10-10cookiejar now enables the cookie engineDaniel Stenberg