Summary: | [Curl] Session cookies should not be persistent. | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | peavo | ||||
Component: | WebCore Misc. | Assignee: | Nobody <webkit-unassigned> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | bfulgham, webkit.review.bot | ||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | PC | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
peavo
2013-02-28 02:25:05 PST
Created attachment 190688 [details]
Patch
Comment on attachment 190688 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=190688&action=review The change looks fine, but I don't see that session cookies are being cleared out, unless the call to curl_easy_cleanup() is doing this when the CURLopt_COOKIESESSION is enabled. That this is correct? Can you confirm? > Source/WebCore/platform/network/curl/ResourceHandleManager.cpp:779 > + curl_easy_cleanup(curl); So, does this call cause cURL To discard the session cookies? (In reply to comment #2) > (From update of attachment 190688 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=190688&action=review > > The change looks fine, but I don't see that session cookies are being cleared out, unless the call to curl_easy_cleanup() is doing this when the CURLopt_COOKIESESSION is enabled. That this is correct? > Can you confirm? > > > Source/WebCore/platform/network/curl/ResourceHandleManager.cpp:779 > > + curl_easy_cleanup(curl); > > So, does this call cause cURL To discard the session cookies? Yes, you are absolutely right. The documentation states that when a cookie file is set (with CURLOPT_COOKIEJAR), all known cookies will be written to this file when curl_easy_cleanup() is called. Setting CURLOPT_COOKIESESSION to 1 before closing the handle will remove all session cookies before the cookie database is written to disk. Also see http://curl.haxx.se/libcurl/c/curl_easy_setopt.html (CURLOPT_COOKIEJAR and CURLOPT_COOKIESESSION). Comment on attachment 190688 [details]
Patch
R=me
Comment on attachment 190688 [details] Patch Clearing flags on attachment: 190688 Committed r144474: <http://trac.webkit.org/changeset/144474> All reviewed patches have been landed. Closing bug. (In reply to comment #4) > (From update of attachment 190688 [details]) > R=me Thanks for reviewing ;) |