[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] Silently rejecting '.domain.tld' cookies from http://doma

From: Claudio Calvelli
Subject: Re: [Lynx-dev] Silently rejecting '.domain.tld' cookies from http://domain.tld
Date: Sun, 27 Apr 2008 00:07:42 +0100

Doug Kaufman wrote:
> Please check your lynx.cfg file. It sounds as if you have
> "COOKIE_STRICT_INVALID_DOMAINS" set. You probably want

They are all commented out in lynx.cfg (and the corresponding lower
case names are set to empty strings in .lynxrc), so it should apply
the default (ask user).

cookie is still rejected, the only difference in the trace is the
value reported for invcheck_bv:

Loading cfg file '/etc/lynx.cfg'.
opening config file /etc/lynx.cfg
lynx_chg_color(color=6, fg=9, bg=0)
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 326: find_domain_entry( 
bv:-1, invcheck_bv:-1
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 2649: cookie_domain_flag_set 
(, bv=2, invcheck_bv=2)


/tmp/lynx2-8-7-dev8/src/LYCookie.c: 1782: LYSetCookie called with host 
'', path '/',
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 1784:     and Set-Cookie: 
'lp=OxeeFGB6-UYGJDWligbykDrM7HsM9jbUVW2xCCeZY59-xDJEGCL4Cc;; expires=SuLYmktime: Parsing 'Sun, 26 Apr 2009 22:25:16 
LYmktime: clock=1240784716, ctime=Sun Apr 26 23:25:16 2009
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 1077: LYSetCookie: expires 1240784716, Sun 
Apr 26 23:25:16 2009
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 1714: LYProcessSetCookie: attr=value pair: 
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 1718:                     expires: 
1240784716, Sun Apr 26 23:25:16 2009

/tmp/lynx2-8-7-dev8/src/LYCookie.c: 315: ...test_domain_entry( 
bv:2, invcheck_bv:2
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 326: find_domain_entry( 
bv:2, invcheck_bv:2
/tmp/lynx2-8-7-dev8/src/LYCookie.c: 442: store_cookie: Rejecting domain 
'' for host ''.

Same result if I use COOKIE_QUERY_INVALID_DOMAINS, with the difference
that the trace shows invcheck_bv:0 instead of invcheck_bv:2.

Looking at the source code, store_cookie doesn't look at the value of
invcheck_bv in this case ("Section 4.3.2, condition 3"), so the values
of COOKIE_*_INVALID_DOMAINS will have no effect on the result.

I copied the code checking the value of invcheck_bv to the bit of
store_cookie which rejects this cookie, and now I do get asked
"Accept invalid cookie for ''? (n)"
-- however, the cookie is stored but not used (it appears in the
cookie jar, but it is not sent with the HTTP request). So this does
not help either.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]