diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2020-01-29 09:57:50 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2020-01-29 16:01:23 +0100 |
| commit | 5af0165562f35d06b9db6c9844203ad33a4a8ee6 (patch) | |
| tree | 48bcfd449702e1f15472fcbacac349fd187b16fa | |
| parent | 0a7b7a9d401fddd5bcde6801b1813794a2744766 (diff) | |
| download | curl-5af0165562f35d06b9db6c9844203ad33a4a8ee6.tar.gz | |
cookie: check __Secure- and __Host- case sensitively
While most keywords in cookies are case insensitive, these prefixes are
specified explicitly to get checked "with a case-sensitive match".
(From the 6265bis document in progress)
Ref: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04
Closes #4864
| -rw-r--r-- | lib/cookie.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index 0091132aa..fa3337598 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -537,9 +537,9 @@ Curl_cookie_add(struct Curl_easy *data, * only test for names where that can possibly be true. */ if(nlen > 3 && name[0] == '_' && name[1] == '_') { - if(strncasecompare("__Secure-", name, 9)) + if(!strncmp("__Secure-", name, 9)) co->prefix |= COOKIE_PREFIX__SECURE; - else if(strncasecompare("__Host-", name, 7)) + else if(!strncmp("__Host-", name, 7)) co->prefix |= COOKIE_PREFIX__HOST; } |