[Webkit-unassigned] [Bug 111060] [Curl] Session cookies should not be persistent.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 1 06:03:13 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=111060
--- Comment #3 from peavo at outlook.com 2013-03-01 06:05:37 PST ---
(In reply to comment #2)
> (From update of attachment 190688 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=190688&action=review
>
> The change looks fine, but I don't see that session cookies are being cleared out, unless the call to curl_easy_cleanup() is doing this when the CURLopt_COOKIESESSION is enabled. That this is correct?
> Can you confirm?
>
> > Source/WebCore/platform/network/curl/ResourceHandleManager.cpp:779
> > + curl_easy_cleanup(curl);
>
> So, does this call cause cURL To discard the session cookies?
Yes, you are absolutely right.
The documentation states that when a cookie file is set (with CURLOPT_COOKIEJAR),
all known cookies will be written to this file when curl_easy_cleanup() is called.
Setting CURLOPT_COOKIESESSION to 1 before closing the handle will remove all session cookies before the cookie database is written to disk.
Also see http://curl.haxx.se/libcurl/c/curl_easy_setopt.html (CURLOPT_COOKIEJAR and CURLOPT_COOKIESESSION).
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list