o gtls: fix for builds lacking encrypted key file support [11]
o SCP: use libssh2_scp_recv2 to support > 2GB files on windows [12]
o CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option [13]
+ o cookie: do not refuse cookies to localhost [14]
This release includes the following known bugs:
[11] = https://curl.haxx.se/bug/?i=651
[12] = https://curl.haxx.se/bug/?i=451
[13] = https://curl.haxx.se/bug/?i=653
+ [14] = https://curl.haxx.se/bug/?i=658
#ifdef USE_LIBPSL
/* Check if the domain is a Public Suffix and if yes, ignore the cookie.
This needs a libpsl compiled with builtin data. */
- if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {
- if(psl_is_public_suffix(psl, co->domain)) {
- infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",
- co->name, co->domain);
+ if(domain && co->domain && !isip(co->domain)) {
+ if(((psl = psl_builtin()) != NULL)
+ && !psl_is_cookie_domain_acceptable(psl, domain, co->domain)) {
+ infof(data,
+ "cookie '%s' dropped, domain '%s' must not set cookies for '%s'\n",
+ co->name, domain, co->domain);
freecookie(co);
return NULL;
}
.www.example.ck TRUE / FALSE 0 test2 allowed2
.www.ck TRUE / FALSE 0 test4 allowed4
+.z-1.compute-1.amazonaws.com TRUE / FALSE 0 test5 forbidden5
</file>
</verify>
</testcase>
projects / curl / commitdiff