From 54e48b14e1ecf399149b137bb741cf84a73b1f32 Mon Sep 17 00:00:00 2001 From: Sergei Kuzmin Date: Sun, 2 Oct 2016 21:34:59 -0700 Subject: cookies: same domain handling changed to match browser behavior Cokie with the same domain but different tailmatching property are now considered different and do not replace each other. If header contains following lines then two cookies will be set: Set-Cookie: foo=bar; domain=.foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 Set-Cookie: foo=baz; domain=foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 This matches Chrome, Opera, Safari, and Firefox behavior. When sending stored tokens to foo.com Chrome, Opera, Firefox store send them in the stored order, while Safari pre-sort the cookies. Closes #1050 --- lib/cookie.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/cookie.c b/lib/cookie.c index d5a83fd66..0f05da200 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -817,7 +817,8 @@ Curl_cookie_add(struct Curl_easy *data, /* the names are identical */ if(clist->domain && co->domain) { - if(Curl_raw_equal(clist->domain, co->domain)) + if(Curl_raw_equal(clist->domain, co->domain) && + (clist->tailmatch == co->tailmatch)) /* The domains are identical */ replace_old=TRUE; } -- cgit v1.2.3