| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Reviewed-by: Trust Me
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem was the following: According to the cookie RFC, domains must
have at least one dot in their name for setting a cookie (e.g. domain
example.com can set a cookie for ".example.com" but not for ".com").
The problem is: Following this rule, one could still set "supercookies"
for e.g. ".co.uk".
The solution is to generate a table from
http://publicsuffix.org which maintains a list of all "effective" TLDs
like e.g. ".co.uk".
Reviewed-by: Olivier Goffart
Task-number: QTBUG-14706
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://bugreports.qt.nokia.com/browse/QTBUG-9618
QtWebKit currently fails the following test:
LayoutTests/http/tests/xmlhttprequest/cookies.html
This is because QNetworkCookieJar::cookiesForUrl returns secure
cookies even when the connection is not secure.
A 'secure' cookie is set by response headers from a http server as follows:
'Set-Cookie: cookie-name=value; secure'
Correct QNetworkCookieJar::cookiesForUrl to ignore secure cookies when the
url in the request is not 'https:'.
Task-number: QTBUG-9618
Merge-request: 2372
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
|
|
|
|
| |
Reviewed-by: Trust Me
|
|
|
|
|
|
|
|
|
|
|
|
| |
Actually, the RFC 2109 says cookies should not be stored if the path
attribute is not a prefix of the request URI the cookie comes from.
However, all browsers allow it anyway; with the demo browser e.g.
logging in to wordpress.com was not possible.
We still do path checking when sending cookies, i.e. in
QNetworkCookieJar::cookiesForUrl().
Reviewed-by: Markus Goetz
Task-number: QTBUG-5815
|
|
|
|
|
|
|
|
|
|
|
| |
instead than when parsing the cookie header.
This corrects the bug QT-2379, happening in the following sequence:
parseCookie -> setCookieUrl -> toRawForm -> parseCookie
where a default domain would now also have a dot prefix, and shouldn't.
QT-2379
Reviewed-by: Peter Hartmann
|
|
|
|
| |
Reviewed-by: Trust Me
|
|
|
|
| |
Reviewed-by: Trust Me
|
|
|
|
| |
Reviewed-by: Trust Me
|
|
into qnetworkcookiejar[h,_p.h,cpp].
one adjustment was necessary from the merge request:
The line 110 in qnetworkcookie.h needed to include
qnetworkcookiejar.h, not <QtNetwork/QNetworkCookieJar> .
Merge-request: 1015
Reviewed-by: Peter Hartmann
|