diff options
| author | Daniel Gustafsson <daniel@yesql.se> | 2019-02-17 00:09:30 +0100 |
|---|---|---|
| committer | Daniel Gustafsson <daniel@yesql.se> | 2019-02-17 00:09:30 +0100 |
| commit | e6522522f96ad96b459e608c6cdcd46a32099b5b (patch) | |
| tree | 34c27ca15b6292ed1cd9afe46cdc9176fbcedbc7 /docs | |
| parent | 0299b262cd9c75adab546f4851c03995d98d61e1 (diff) | |
| download | curl-e6522522f96ad96b459e608c6cdcd46a32099b5b.tar.gz | |
cookie: Add support for cookie prefixes
The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.
Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/HTTP-COOKIES.md | 11 | ||||
| -rw-r--r-- | docs/ROADMAP.md | 10 |
2 files changed, 9 insertions, 12 deletions
diff --git a/docs/HTTP-COOKIES.md b/docs/HTTP-COOKIES.md index 66e39d232..632cb4ebe 100644 --- a/docs/HTTP-COOKIES.md +++ b/docs/HTTP-COOKIES.md @@ -18,9 +18,16 @@ original [Netscape spec from 1994](https://curl.haxx.se/rfc/cookie_spec.html). In 2011, [RFC6265](https://www.ietf.org/rfc/rfc6265.txt) was finally - published and details how cookies work within HTTP. In 2017, an update was + published and details how cookies work within HTTP. In 2016, an update which + added support for prefixes was + [proposed](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00), + and in 2017, another update was [drafted](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01) - to deprecate modification of 'secure' cookies from non-secure origins. + to deprecate modification of 'secure' cookies from non-secure origins. Both + of these drafs have been incorporated into a proposal to + [replace](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02) + RFC6265. Cookie prefixes and secure cookie modification protection has been + implemented by curl. ## Cookies saved to disk diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index 497c45b54..cbcaa2235 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -10,16 +10,6 @@ QUIC See the [QUIC wiki page](https://github.com/curl/curl/wiki/QUIC). -HTTP cookies ------------- - -On top of what we already support, the prefix cookie draft has been adopted by -the httpwg in IETF and we should support it as the popular browsers will: - -[Cookie Prefixes](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00) - -[Firefox bug report about secure cookies](https://bugzilla.mozilla.org/show_bug.cgi?id=976073) - SRV records ----------- |