* This supports Netscape version 0 cookies while being tolerant to
* some properties of RFC2109/2965 version 1 cookies:
* - case-insensitive match of cookie names
- * - white space around the '='
+ * - white space between the tokens
* It does not support the following version 1 features:
* - quoted strings as cookie values
* - commas to separate cookies
apr_collapse_spaces(name, name);
if (!strcasecmp(name, a) && (value = apr_strtok(NULL, "=", &last2))) {
- value += strspn(value, " \t"); /* Move past WS */
+ char *last;
+ value += strspn(value, " \t"); /* Move past leading WS */
+ last = value + strlen(value);
+ while (last >= value && apr_isspace(*last)) {
+ *last = '\0';
+ --last;
+ }
+
return ap_escape_logitem(r->pool, value);
}
cookies = NULL;
projects / apache / commitdiff