From de6ab3de22affd84eddd5ace857efb34a57aafc0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 4 Aug 2004 12:26:27 +0000
Subject: [PATCH] Dylan Salisbury's fix to prevent us from accepting cookies
 from TLD only

---
 lib/cookie.c | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index da7ca1ba7d841e..fe603c672c26c8 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -223,14 +223,9 @@ Curl_cookie_add(struct SessionHandle *data,
 
             const char *domptr=whatptr;
             int dotcount=1;
-            unsigned int i;
 
-            static const char *seventhree[]= {
-              "com", "edu", "net", "org", "gov", "mil", "int"
-            };
-
-            /* Count the dots, we need to make sure that there are THREE dots
-               in the normal domains, or TWO in the seventhree-domains. */
+            /* Count the dots, we need to make sure that there are enough
+               of them. */
 
             if('.' == whatptr[0])
               /* don't count the initial dot, assume it */
@@ -244,13 +239,6 @@ Curl_cookie_add(struct SessionHandle *data,
               }
             } while(domptr);
 
-            for(i=0;
-                i<sizeof(seventhree)/sizeof(seventhree[0]); i++) {
-              if(tailmatch(seventhree[i], whatptr)) {
-                dotcount++; /* we allow one dot less for these */
-                break;
-              }
-            }
             /* The original Netscape cookie spec defined that this domain name
                MUST have three dots (or two if one of the seven holy TLDs),
                but it seems that these kinds of cookies are in use "out there"