lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV v2.6FM update


From: Andrew Kuchling
Subject: Re: LYNX-DEV v2.6FM update
Date: Mon, 20 Jan 1997 18:40:19 -0500 (EST)

Foteos Macrides wrote:
>   ...  debugged and implemented the
>   code for security checks based on lead and embedded dots in domain values
>   and host prefixes ...

        Excellent! I was about to e-mail you about my oversight in
leaving that code commented out.  Note that enabling this code breaks
my.yahoo.com, since the host "edit.my.yahoo.com" tries to set a cookie
with domain=".yahoo.com".  This is explicitly illegal according to
the cookie draft; time will tell if Yahoo will fix this, or if we'll
need to kludge around this.

        Another thing: http://www.ffly.com sets a cookie with a <meta
HTTP-EQUIV="Set-Cookie"> tag; a tiny patch is included below.  


        Andrew Kuchling
        address@hidden
        http://www.magnet.com/~amk/
Save the Gutenberg Project! http://www.promo.net/pg/nl/pgny_nov96.html


diff -C5 -r1.1 LYCharUtils.c
*** LYCharUtils.c       1997/01/20 23:07:03     1.1
--- LYCharUtils.c       1997/01/20 23:11:41
***************
*** 1916,1925 ****
--- 1916,1928 ----
                    if (*me->node_anchor->SugFname == '\0')
                        FREE(me->node_anchor->SugFname);
                }
            }
        }
+     } else if (!strcasecomp((name ? name : http_equiv), "Set-Cookie")) {
+       /* XXX is the second argument the right one? */
+       LYSetCookie(content, me->node_anchor->address);
      }

      /*
       *  Free the copies. - FM
       */
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

reply via email to

[Prev in Thread] Current Thread [Next in Thread]