[Webkit-unassigned] [Bug 191406] [Curl] Reject the entire cookie if the domain fails a tailmatch.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Nov 7 16:12:26 PST 2018


--- Comment #1 from Basuke Suzuki <Basuke.Suzuki at sony.com> ---
The entire cookie needs to be rejected if a site tries to set a cookie that fails these conditions.

Basically the domain attribute of a cookie must either be an exact match, or a suffix starting at the start of a %2e (".") separated domain part that is not an IP address.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181108/eeeae2c5/attachment.html>

More information about the webkit-unassigned mailing list