mirror of
https://github.com/curl/curl.git
synced 2026-06-21 04:05:38 +03:00
fdd6ba3580
The header path matches these prefixes case sensitively, as 5af0165562
made it for cookie spec reasons, but the Netscape cookie-file path still
used a case-insensitive match. Align the file path so a differently
cased name like __secure-x is treated as an ordinary cookie instead of
being put through the prefix integrity checks.
Extended test 2311 to cover it.
Closes #22085
58 lines
1 KiB
XML
58 lines
1 KiB
XML
<?xml version="1.0" encoding="US-ASCII"?>
|
|
<testcase>
|
|
<info>
|
|
<keywords>
|
|
HTTP
|
|
HTTP GET
|
|
HTTP proxy
|
|
cookies
|
|
</keywords>
|
|
</info>
|
|
|
|
# Server-side
|
|
<reply>
|
|
<data crlf="headers">
|
|
HTTP/1.1 200 OK
|
|
Server: test-server/fake
|
|
Content-Length: 21
|
|
|
|
This server says moo
|
|
</data>
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<server>
|
|
http
|
|
</server>
|
|
<name>
|
|
Cookie from file: control octet rejected, prefixes matched case sensitively
|
|
</name>
|
|
<command>
|
|
http://example.fake/%TESTNUMBER -b %LOGDIR/injar%TESTNUMBER -x %HOSTIP:%HTTPPORT
|
|
</command>
|
|
<file name="%LOGDIR/injar%TESTNUMBER">
|
|
example.fake FALSE / FALSE 0 clean good
|
|
example.fake FALSE / FALSE 0 bad %hex[ba%07d]hex%
|
|
example.fake FALSE / FALSE 0 __secure-x yes
|
|
example.fake FALSE / FALSE 0 __Secure-y no
|
|
</file>
|
|
<features>
|
|
cookies
|
|
proxy
|
|
</features>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
<verify>
|
|
<protocol crlf="headers">
|
|
GET http://example.fake/%TESTNUMBER HTTP/1.1
|
|
Host: example.fake
|
|
User-Agent: curl/%VERSION
|
|
Accept: */*
|
|
Proxy-Connection: Keep-Alive
|
|
Cookie: __secure-x=yes; clean=good
|
|
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|