bug-wget
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] Implementing draft to update RFC6265

From: Darshit Shah
Subject: Re: [Bug-wget] Implementing draft to update RFC6265
Date: Tue, 19 Jan 2016 15:29:56 +0100 
Tim has already answered all of your queries, but I'd just like to
point out that GitHub isn't our mode of communication nor does it host
our official source repository.

The source repository is hosted on the savannah servers and ideally
you should be using that as your upstream repo. The various GitHub
repositories are simply private forks for our personal usage. Also,
pull requests on GitHub for Wget are not a good idea since there is no
single repository that all of us follow. So if you want better /
faster code review and merging, you should only send your patches to
this mailing list.


On 19 January 2016 at 15:12, Tim Ruehsen <address@hidden> wrote:
> Hi Kushagra,
>
> On Tuesday 19 January 2016 12:51:59 Kushagra Singh wrote:
>> Hi,
>>
>> I am a second year student at studying CSE at IIIT Delhi. I was working on
>> implementing [1], suggested by Darnir so as to get a good understanding of
>> the wget source code.
>>
>> The draft updates, section 5.3, Step 8 of RC6265, regarding the secure
>> parameter in the set cookie header.
>>
>> The draft suggests that we should abort and not create a new cookie in case
>> the attribute value is "secure", and no secure protocol is present (no SSL).
>
> That is a good idea !
>
>> Presently, in the function "parse_set_cookie", cookie->secure is set to 1,
>> ignoring the value in the "secure" attribute of the cookie-attribute-list
>> (line 443, cookies.c). Shouldn't the value of cookie->secure be set
>> according to the attribute value sent in the attribute-list?
>
> Just see RFC6265 5.2.5. 'secure' is a value-less attribute.
>
>> Since the secure flag is always set, point 2 in the draft also becomes
>> irrelevant, since it suggests changes when the secure flag is not set.
>
> It is not always set. It is set when 'secure' appears as attribute in a Set-
> Cookie header.
>
>> I guess we should change the code so that it sets the cookie->secure flag
>> only in case the attribute-list says so. Or has this been done because of
>> some other reason?
>
> See above. It's ok as it is right now.
>
>> I also am not sure how I can contribute code to wget. In the past I have
>> used Github, where I could fork, add code and send pull requests. I am a
>> bit unfamiliar with the way it is done for wget. I'll be grateful if
>> someone could help me out with this.
>
> There is no problem in using Github, except pull requests.
>
> You very likely have a local repository (a clone from your Github repo).
> Let's say the last 3 commits of your local repo are ready for contribution -
> now create three patch files with:
> $ git format-patch -3
>
> Now send an email to address@hidden and attach the patch files that you just
> generated. See 'git log' on how you commits should look alike.
>
> And don't hesitate to ask more questions here if you feel the need.
>
> Regards, Tim



-- 
Thanking You,
Darshit Shah
reply via email to
[Prev in Thread] Current Thread [Next in Thread]