[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev cookie version weirdness
From: |
Klaus Weide |
Subject: |
Re: lynx-dev cookie version weirdness |
Date: |
Sat, 13 Feb 1999 23:22:53 -0600 (CST) |
On Sat, 13 Feb 1999, brian j pardy wrote:
> In working on implementing this tighter configuration of cookie
> checking, I've come across a problem -- it seems like store_cookie()
> is not EVER being sent a cookie with version = 1.
>
> So this code in the current dev version (LYCookie.c:279):
>
> if (co->version != 0 || !LYAcceptAllCookies) {
> /*
> * Apply sanity checks.
> [all of the sanity checks]
> }
>
> will only be hit if LYAcceptAllCookies is not set. I want to remove
> the check on LYAcceptAllCookies here and leave it only as:
>
> if(co->version != 0) {
> [do sanity checks]
> }
No, you don't want to check there for the version at all, I think.
From what I understood from the list archives, the version check was
put there together with the LYAcceptAllCookies condition, to limit
the effect of LYAcceptAllCookies to version 0. I.e. to never skip
the "sanity checks" for version 1. The way you restructured it, it
has kind of the opposite effect, always skip the checks for version 0.
You should get rif of the surrounding "if(co->version ", and either
make the checking stricter for version >0 in the individual checks,
or just ignore the version difference.
> But it seems like every cookie sent there has a version of 0 set, even
> when the server is sending version 1 (from what I can see in the
> tracelog). Is this something anyone knows they've changed, or a
> longstanding bug that just became apparent?
Have you really seen a version 1 cookie in real life, or is this
a test you made? If you've seen any real ones, I'd be curious to
see some traces.
AFAIK, version 1 cookies aren't really being used anywhere today, but
I may be wrong.
Klaus