summaryrefslogtreecommitdiff
path: root/lib/cookie.c
diff options
context:
space:
mode:
authorTim Rühsen <tim.ruehsen@gmx.de>2015-09-29 11:33:01 +0200
committerDaniel Stenberg <daniel@haxx.se>2015-10-17 16:37:49 +0200
commite77b5b7453c1e8ccd7ec0816890d98e2f392e465 (patch)
treeae7b513cc29249c745755a353ecc240dee912f0f /lib/cookie.c
parent684816cd9b846a955947ef57e269b12e5224f408 (diff)
downloadcurl-e77b5b7453c1e8ccd7ec0816890d98e2f392e465.tar.gz
cookies: Add support for Mozilla's Publix Suffix List
Use libpsl to check the domain value of Set-Cookie headers (and cookie jar entries) for not being a Publix Suffix. The configure script checks for "libpsl" by default. Disable the check with --without-libpsl. Ref: https://publicsuffix.org/ Ref: https://github.com/publicsuffix/list Ref: https://github.com/rockdaboot/libpsl
Diffstat (limited to 'lib/cookie.c')
-rw-r--r--lib/cookie.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/cookie.c b/lib/cookie.c
index 22730cff4..57a0441f6 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -84,6 +84,10 @@ Example set of cookies:
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
+#ifdef USE_LIBPSL
+# include <libpsl.h>
+#endif
+
#include "curl_printf.h"
#include "urldata.h"
#include "cookie.h"
@@ -379,6 +383,10 @@ Curl_cookie_add(struct SessionHandle *data,
bool replace_old = FALSE;
bool badcookie = FALSE; /* cookies are good by default. mmmmm yummy */
+#ifdef USE_LIBPSL
+ const psl_ctx_t *psl;
+#endif
+
#ifdef CURL_DISABLE_VERBOSE_STRINGS
(void)data;
#endif
@@ -777,6 +785,19 @@ Curl_cookie_add(struct SessionHandle *data,
/* at first, remove expired cookies */
remove_expired(c);
+#ifdef USE_LIBPSL
+ /* Check if the domain is a Public Suffix and if yes, ignore the cookie.
+ This needs a libpsl compiled with builtin data. */
+ if(co->domain && !isip(co->domain) && (psl = psl_builtin()) != NULL) {
+ if(psl_is_public_suffix(psl, co->domain)) {
+ infof(data, "cookie '%s' dropped, domain '%s' is a public suffix\n",
+ co->name, co->domain);
+ freecookie(co);
+ return NULL;
+ }
+ }
+#endif
+
clist = c->cookies;
replace_old = FALSE;
while(clist) {