From e6522522f96ad96b459e608c6cdcd46a32099b5b Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Sun, 17 Feb 2019 00:09:30 +0100 Subject: cookie: Add support for cookie prefixes The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes and how they should affect cookie initialization, which has been adopted by the major browsers. This adds support for the two prefixes defined, __Host- and __Secure, and updates the testcase with the supplied examples from the draft. Closes #3554 Reviewed-by: Daniel Stenberg --- docs/HTTP-COOKIES.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'docs/HTTP-COOKIES.md') diff --git a/docs/HTTP-COOKIES.md b/docs/HTTP-COOKIES.md index 66e39d232..632cb4ebe 100644 --- a/docs/HTTP-COOKIES.md +++ b/docs/HTTP-COOKIES.md @@ -18,9 +18,16 @@ original [Netscape spec from 1994](https://curl.haxx.se/rfc/cookie_spec.html). In 2011, [RFC6265](https://www.ietf.org/rfc/rfc6265.txt) was finally - published and details how cookies work within HTTP. In 2017, an update was + published and details how cookies work within HTTP. In 2016, an update which + added support for prefixes was + [proposed](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00), + and in 2017, another update was [drafted](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01) - to deprecate modification of 'secure' cookies from non-secure origins. + to deprecate modification of 'secure' cookies from non-secure origins. Both + of these drafs have been incorporated into a proposal to + [replace](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02) + RFC6265. Cookie prefixes and secure cookie modification protection has been + implemented by curl. ## Cookies saved to disk -- cgit v1.2.3