http: supersede domainless cookies

The scope of cookies without a domain is limited to the current server. The current logic is always wrong because either it's the same server and the new cookie should supersede the old one, or it's a different server and the old cookie should not be sent. This logic is still far from RFC-compliant, but at least it should get it right some of the time.

http: supersede domainless cookies
The scope of cookies without a domain is limited to the current server. The current logic is always wrong because either it's the same server and the new cookie should supersede the old one, or it's a different server and the old cookie should not be sent. This logic is still far from RFC-compliant, but at least it should get it right some of the time.
ca0c548c · Pierre Ynard · 34b0c609 · ca0c548c
Commit ca0c548c authored May 14, 2012 by Pierre Ynard
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

modules/access/http.c modules/access/http.c +4 -2

No files found.
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -1720,8 +1720,10 @@ static void cookie_append( vlc_array_t * cookies, char * cookie )

        assert( current_cookie_name );

-        bool is_domain_matching = ( cookie_domain && current_cookie_domain &&
-                                         !strcmp( cookie_domain, current_cookie_domain ) );
+        bool is_domain_matching = (
+                      ( !cookie_domain && !current_cookie_domain ) ||
+                      ( cookie_domain && current_cookie_domain &&
+                        !strcmp( cookie_domain, current_cookie_domain ) ) );

        if( is_domain_matching && !strcmp( cookie_name, current_cookie_name )  )
        {