romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-16 18:46:24 +03:00
Code Issues Projects Releases Packages Wiki Activity

cookie: compare path case sensitively

Browse source 
Verify with test 1645

Reported-by: Joshua Rogers
Closes #21616
This commit is contained in:
Daniel Stenberg 2026-05-14 23:46:45 +02:00
parent 71430e87fd
commit a15cfeb100
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
3 changed files with 76 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/cookie.c
View file

@ -854,7 +854,7 @@ static bool replace_existing(struct Curl_easy *data,
else
cllen = strlen(clist->path);
if(curl_strnequal(clist->path, co->path, cllen)) {
if(!strncmp(clist->path, co->path, cllen)) {
infof(data, "cookie '%s' for domain '%s' dropped, would "
"overlay an existing cookie", co->name, co->domain);
return FALSE;
@ -878,7 +878,7 @@ static bool replace_existing(struct Curl_easy *data,
/* the domains were identical */
if(clist->path && co->path &&
!curl_strequal(clist->path, co->path))
strcmp(clist->path, co->path))
replace_old = FALSE;
else if(!clist->path != !co->path)
replace_old = FALSE;

2
tests/data/Makefile.am
View file

@ -217,7 +217,7 @@ test1620 test1621 test1622 test1623 test1624 test1625 test1626 test1627 \
test1628 \
\
test1630 test1631 test1632 test1633 test1634 test1635 test1636 test1637 \
test1638 test1639 test1640 test1641 test1642 test1643 test1644 \
test1638 test1639 test1640 test1641 test1642 test1643 test1644 test1645 \
\
test1650 test1651 test1652 test1653 test1654 test1655 test1656 test1657 \
test1658 test1659 test1660 test1661 test1662 test1663 test1664 test1665 \

73
tests/data/test1645 Normal file
View file

@ -0,0 +1,73 @@
<?xml version="1.0" encoding="US-ASCII"?>
<testcase>
<info>
<keywords>
HTTP
HTTP GET
cookies
cookiejar
</keywords>
</info>
# Server-side
<reply>
<data crlf="headers">
HTTP/1.1 200 OK
Content-Length: 4
Content-Type: text/html
Funny-head: yesyes
Set-Cookie: name=value; domain=test.curl; path=/we/want
boo
</data>
<data2 crlf="headers">
HTTP/1.1 200 OK
Content-Length: 4
Content-Type: text/html
Funny-head: yesyes
Set-Cookie: name=value; domain=test.curl; path=/WE/WANT
boo
</data2>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
cookies for paths using different case
</name>
<command>
http://test.curl:%HTTPPORT/we/want/ http://test.curl:%HTTPPORT/WE/WANT/%TESTNUMBER0002 -c %LOGDIR/jar%TESTNUMBER.txt --resolve test.curl:%HTTPPORT:%HOSTIP
</command>
<features>
cookies
</features>
</client>
# Verify data after the test has been "shot"
<verify>
<protocol crlf="headers">
GET /we/want/ HTTP/1.1
Host: test.curl:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
GET /WE/WANT/%TESTNUMBER0002 HTTP/1.1
Host: test.curl:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
</protocol>
<file name="%LOGDIR/jar%TESTNUMBER.txt" mode="text">
# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
.test.curl TRUE /WE/WANT FALSE 0 name value
.test.curl TRUE /we/want FALSE 0 name value
</file>
</verify>
</testcase>