[Webkit-unassigned] [Bug 111060] [Curl] Session cookies should not be persistent.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 1 06:03:13 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=111060





--- Comment #3 from peavo at outlook.com  2013-03-01 06:05:37 PST ---
(In reply to comment #2)
> (From update of attachment 190688 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=190688&action=review
> 
> The change looks fine, but I don't see that session cookies are being cleared out, unless the call to curl_easy_cleanup() is doing this when the CURLopt_COOKIESESSION  is enabled. That this is correct?
> Can you confirm?
> 
> > Source/WebCore/platform/network/curl/ResourceHandleManager.cpp:779
> > +    curl_easy_cleanup(curl);
> 
> So, does this call cause cURL To discard  the session cookies?

Yes, you are absolutely right.

The documentation states that when a cookie file is set (with CURLOPT_COOKIEJAR),
all known cookies will be written to this file when curl_easy_cleanup() is called.
Setting CURLOPT_COOKIESESSION to 1 before closing the handle will remove all session cookies before the cookie database is written to disk.
Also see http://curl.haxx.se/libcurl/c/curl_easy_setopt.html (CURLOPT_COOKIEJAR and CURLOPT_COOKIESESSION).

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list