Jan Sundin reported a case where curl ignored a cookie that browsers don't, which turned up to be due to the number of dots in the 'domain'. I've now made curl follow the the original netscape cookie spec less strict on that part.

commit: 98ee12bc356e2635858049ba5e69a62bb7e5e9c2 [log] [tgz]
author: Daniel Stenberg <[email protected]> Mon Aug 04 23:05:57 2003 +0000
committer: Daniel Stenberg <[email protected]> Mon Aug 04 23:05:57 2003 +0000
tree: 38b40ba19d01789094cc85a117cb10a67c92692a
parent: fdda786fa21a6aa06748182e69c0922360c7dd5a [diff] [blame]
diff --git a/lib/cookie.c b/lib/cookie.c
index c988359..03065f9 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c

@@ -234,7 +234,13 @@
                 break;
               }
             }
-            if(dotcount < 3) {
+            /* The original Netscape cookie spec defined that this domain name
+               MUST have three dots (or two if one of the seven holy TLDs),
+               but it seems that these kinds of cookies are in use "out there"
+               so we cannot be that strict. I've therefore lowered the check
+               to not allow less than two dots. */
+            
+            if(dotcount < 2) {
               /* Received and skipped a cookie with a domain using too few
                  dots. */
               badcookie=TRUE; /* mark this as a bad cookie */
commit	98ee12bc356e2635858049ba5e69a62bb7e5e9c2	[log] [tgz]
author	Daniel Stenberg <[email protected]>	Mon Aug 04 23:05:57 2003 +0000
committer	Daniel Stenberg <[email protected]>	Mon Aug 04 23:05:57 2003 +0000
tree	38b40ba19d01789094cc85a117cb10a67c92692a
parent	fdda786fa21a6aa06748182e69c0922360c7dd5a [diff] [blame]