diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2023-05-17 16:19:25 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2023-05-17 16:19:25 +0200 |
| commit | b2e5ca45cbb2338a14ee0aeac896e43c7272ae4a (patch) | |
| tree | e09dff2a3b09c2abd741678bf67ab17f7b544453 | |
| parent | 40729ae3c4883ba17de72e96da3082f5cac376ce (diff) | |
| download | curl-b2e5ca45cbb2338a14ee0aeac896e43c7272ae4a.tar.gz | |
fixup rephrases
| -rw-r--r-- | lib/cookie.h | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/lib/cookie.h b/lib/cookie.h index 77c3f6124..d70f648e7 100644 --- a/lib/cookie.h +++ b/lib/cookie.h @@ -69,9 +69,9 @@ struct CookieInfo { curl_off_t next_expiration; /* the next time at which expiration happens */ }; -/* This is the maximum line length we accept for a cookie line. RFC 6265 - section 6.1 says "general-use user agents SHOULD provide each of the - following minimum capabilities": +/* The maximum sizes we accept for a cookies. RFC 6265 section 6.1 says + "general-use user agents SHOULD provide each of the following minimum + capabilities": - At least 4096 bytes per cookie (as measured by the sum of the length of the cookie's name, value, and attributes). @@ -80,17 +80,25 @@ struct CookieInfo { "If the sum of the lengths of the name string and the value string is more than 4096 octets, abort these steps and ignore the set-cookie-string entirely." +*/ - We allow max 5000 bytes cookie header. Max 4095 bytes length per cookie - name and value. Name + value may not exceed 4096 bytes. +/** Limits for INCOMING cookies **/ -*/ +/* The longest we allow a line to be when reading a cookie from a HTTP header + or from a cookie jar */ #define MAX_COOKIE_LINE 5000 /* Maximum length of an incoming cookie name or content we deal with. Longer cookies are ignored. */ #define MAX_NAME 4096 +/* Maximum number of Set-Cookie: lines accepted in a single response. If more + such header lines are received, they are ignored. This value must be less + than 256 since an unsigned char is used to count. */ +#define MAX_SET_COOKIE_AMOUNT 50 + +/** Limits for OUTGOING cookies **/ + /* Maximum size for an outgoing cookie line libcurl will use in an http request. This is the default maximum length used in some versions of Apache httpd. */ @@ -101,11 +109,6 @@ struct CookieInfo { keep the maximum HTTP request within the maximum allowed size. */ #define MAX_COOKIE_SEND_AMOUNT 150 -/* Maximum number of Set-Cookie: lines accepted in a single response. If more - such header lines are received, they are ignored. This value must be less - than 256 since an unsigned char is used to count. */ -#define MAX_SET_COOKIE_AMOUNT 50 - struct Curl_easy; /* * Add a cookie to the internal list of cookies. The domain and path arguments |