bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly

From:	Katsumi Yamaoka
Subject:	bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly
Date:	Thu, 07 Dec 2017 07:47:26 +0900
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (i686-pc-cygwin)

On Wed, 06 Dec 2017 06:46:00 -0500, Noam Postavsky wrote:
[...]
> In emacs-26, as of [1: caa39f495c], the second cookie is not present,
> but it looks like it unconditionally drops the HttpOnly attribute (and
> all other attributes?).  Is that the right thing?

Yes, I believe so.  Not only HttpOnly but also Expires, Max-Age,
etc. are only attributes of the cookie of which the name appeared
at the beginning of the Set-Cookie header.  Sending such ones to
certain web sites would cause an error as I mentioned below.

> [1: caa39f495c]: 2017-11-13 23:56:26 +0000
>   Fix cookie handling (bug#29282)
>   
> https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=caa39f495c0783dac2d5701100db83ea10f126c0

[Prev in Thread]

Current Thread

[Next in Thread]

bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly, Noam Postavsky, 2017/12/06
- bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly, Katsumi Yamaoka <=

Prev by Date: bug#29594: Emacs 26 -- xdisp.c:21657 OR xdisp.c:21671?
Next by Date: bug#29548: 25.2; How to DEBUG get-device-terminal
Previous by thread: bug#24757: 25.1.50; url-cookie.el creates phantom cookie for HttpOnly
Next by thread: bug#21057: [PATCH] nnimap.el: add support for IMAP namespaces
Index(es):
- Date
- Thread