You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
RFC 6265 section 4.1.1 spells out that the first name/value pair in the header is the actual cookie name and content, while the following are the parameters.
libcurl currently has a more liberal approach which causes significant problems when introducing new cookie parameters, like the suggested new cookie priority draft.
The current parser gets all n/v pairs and the first name isn't a known parameter will be considered the cookie, thus accepting Set-Cookie: Max-Age=2; name=daniel while an RFC compliant parser should consider that to be a cookie named 'Max-Age'.
The text was updated successfully, but these errors were encountered:
RFC 6265 section 4.1.1 spells out that the first name/value pair in the header is the actual cookie name and content, while the following are the parameters.
libcurl currently has a more liberal approach which causes significant problems when introducing new cookie parameters, like the suggested new cookie priority draft.
The current parser gets all n/v pairs and the first name isn't a known parameter will be considered the cookie, thus accepting
Set-Cookie: Max-Age=2; name=daniel
while an RFC compliant parser should consider that to be a cookie named 'Max-Age'.The text was updated successfully, but these errors were encountered: