New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Empty attributes in Set-Cookie header #1169

Closed
nnposter opened this Issue Apr 1, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@nnposter

nnposter commented Apr 1, 2018

Local function parse_set_cookie in http.lua cannot parse Set-Cookie header if it contains empty attributes:

Set-Cookie: JSESSIONID=aaa; ; Path=/;;Secure;HttpOnly;;

Such attributes are allowed per RFC 6265 errata.

(Issue created strictly for record; a fix will be committed shortly.)

@nmap-bot nmap-bot closed this in 59f80c3 Apr 1, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment