New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"secure" cookies not getting recognized on localhost #6733
Comments
Are you using the same curl version on Linux vs Windows? I note that the cookie says |
The curl version on Linux:
The Windows version was a little more recent compared to this. I executed the same command under Linux. The Set-Cookie header was also similar:
The cookie jar: # Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
localhost FALSE /MLP318 TRUE 0 JSESSIONID 6135D2A1DC70D08AC434D77503339128 The cookie indeed had While I understand that secure cookies are intended to be transmitted over a |
7.52 is not exactly recent, the changes to restricting secure cookies came in 7.64.0. If you upgrade your curl on Linux it will match the behavior on Windows. |
Agreed! @danielgustafsson maybe something to consider while you're there poking on cookies atm? |
Indeed, I was just reading up on it. Will add it to my small cookie TODO list. |
One problem here: I think that name resolving detail needs to be fixed before we can consider |
See #7039 for a take on "localhost" to always be truly local. |
I've labeled this "enhancement" as this is functionality we never attempted to support before. |
I did this
Command issued:
I expected the following
I got a
Set-Cookie
header like this:I hoped that the cookie will get written to the cookie jar, but it was not the case. There were no cookies in the file. The following was the contents of the cookie jar after execution:
curl/libcurl version
operating system
Windows. I got curl packaged along with git bash (https://gitforwindows.org/).
comments
I tried it under Linux and it works perfectly. I couldn't get it to work with the
curl
packaged along with my git bash.The text was updated successfully, but these errors were encountered: