[Dillo-dev] [patch]: Ignore the "HttpOnly" cookie attribute
Jeremy Henty
onepoint at starurchin.org
Wed Oct 15 13:17:26 CEST 2008
I submitted this before, but it vanished without comment. The
Wikipedia login sets a cookie with an "HttpOnly" attribute, which
Dillo rejects. This means that vanilla Dillo cannot login to
Wikipedia. This patch fixes this by silently ignoring the attribute.
See the dillo-dev discussion at
http://lists.auriga.wearlab.de/pipermail/dillo-dev/2008-October/005042.html
Regards,
Jeremy Henty
-------------- next part --------------
>From f6290d8b7fa3c260dacd6190592e71ae75d1ffc5 Mon Sep 17 00:00:00 2001
From: Jeremy Henty <onepoint at starurchin.org>
Date: Fri, 10 Oct 2008 02:05:09 +0100
Subject: [PATCH] Cookies: ignore the "HttpOnly" attribute.
---
dpi/cookies.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/dpi/cookies.c b/dpi/cookies.c
index b764137..62ea545 100644
--- a/dpi/cookies.c
+++ b/dpi/cookies.c
@@ -909,6 +909,9 @@ static CookieData_t *Cookies_parse_one(int url_port, char **cookie_str)
}
} else if (dStrcasecmp(attr, "Secure") == 0) {
cookie->secure = TRUE;
+ } else if (dStrcasecmp(attr, "HttpOnly") == 0) {
+ // this case intentionally left blank, we because do not (yet)
+ // do client-side scripting
} else {
/* Oops! this can't be good... */
MSG("Cookie contains unknown attribute: '%s'\n", attr);
--
1.6.0.2
More information about the Dillo-dev
mailing list