Commit 5d84b765 authored by Committed by ROOLBrowse files
Further correction for domain matching
The old-style cookie support stores the cookie domains with a leading full stop (e.g. .riscosopen.org) but if a cookie was created with HTTP_AddCookie you could get round this restriction. A cookie with domain riscosop.org created that way would have matched the host domain www.riscosopen.org. This change fixes that. This code will need to be revisited to implement RFC 6265 because of host-only matching and stripping the leading full stops, but for the moment this removes a domain-matching bug in the old-style cookie support. Version 1.08. Tagged as 'HTTP-1_08'
Showing with 20 additions and 11 deletions