#
c074ba64 |
| 01-Jul-2024 |
Daniel Stenberg |
code: language cleanup in comments Based on the standards and guidelines we use for our documentation. - expand contractions (they're => they are etc) - host name = > hostname
code: language cleanup in comments Based on the standards and guidelines we use for our documentation. - expand contractions (they're => they are etc) - host name = > hostname - file name => filename - user name = username - man page => manpage - run-time => runtime - set-up => setup - back-end => backend - a HTTP => an HTTP - Two spaces after a period => one space after period Closes #14073
show more ...
|
#
f88cc654 |
| 15-Sep-2023 |
Daniel Stenberg |
cookie: reduce variable scope, add const
|
#
8c285a76 |
| 15-Sep-2023 |
Daniel Stenberg |
cookie: do not store the expire or max-age strings Convert it to an expire time at once and save memory. Closes #11862
|
#
61275672 |
| 14-Sep-2023 |
Daniel Stenberg |
cookie: remove unnecessary struct fields Plus: reduce the hash table size from 256 to 63. It seems unlikely to make much of a speed difference for most use cases but saves 1.5KB of d
cookie: remove unnecessary struct fields Plus: reduce the hash table size from 256 to 63. It seems unlikely to make much of a speed difference for most use cases but saves 1.5KB of data per instance. Closes #11862
show more ...
|
#
d334b029 |
| 17-May-2023 |
Daniel Stenberg |
cookie: update the comment on cookie length and size limits To refer to the proper cookie RFC and the upcoming RFC refresh. Closes #11127
|
#
b1b326ec |
| 11-Apr-2023 |
Daniel Stenberg |
cookie: clarify that init with data set to NULL reads no file ... and make Curl_cookie_add() require 'data' being set proper with an assert. The function has not worked with a N
cookie: clarify that init with data set to NULL reads no file ... and make Curl_cookie_add() require 'data' being set proper with an assert. The function has not worked with a NULL data for quite some time so this just corrects the code and comment. This is a different take than the proposed fixed in #10927 Reported-by: Kvarec Lezki Ref: #10929 Closes #10930
show more ...
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
48d7064a |
| 26-Jun-2022 |
Daniel Stenberg |
cookie: apply limits - Send no more than 150 cookies per request - Cap the max length used for a cookie: header to 8K - Cap the max number of received Set-Cookie: headers to 50
cookie: apply limits - Send no more than 150 cookies per request - Cap the max length used for a cookie: header to 8K - Cap the max number of received Set-Cookie: headers to 50 Bug: https://curl.se/docs/CVE-2022-32205.html CVE-2022-32205 Reported-by: Harry Sintonen Closes #9048
show more ...
|
#
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
show more ...
|
#
1bd4b3f4 |
| 08-Jun-2021 |
Daniel Gustafsson |
cookies: track expiration in jar to optimize removals Removing expired cookies needs to be a fast operation since we want to be able to perform it often and speculatively. By tracking th
cookies: track expiration in jar to optimize removals Removing expired cookies needs to be a fast operation since we want to be able to perform it often and speculatively. By tracking the timestamp of the next known expiration we can exit early in case the timestamp is in the future. Closes: #7172 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
#
4e76905b |
| 23-Feb-2021 |
Daniel Gustafsson |
cookies: Use named parameters in header prototypes Align header with project style of using named parameters in the function prototypes to aid readability and self-documentation.
cookies: Use named parameters in header prototypes Align header with project style of using named parameters in the function prototypes to aid readability and self-documentation. Closes #6653 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
Revision tags: curl-7_75_0 |
|
#
f6d13090 |
| 29-Jan-2021 |
Daniel Stenberg |
copyright: fix missing year (range) updates
|
#
0a582757 |
| 16-Jan-2021 |
Erik Olsson |
lib: save a bit of space with some structure packing - Reorder some internal struct members so that less padding is used. This is an attempt at saving a bit of space by packing some
lib: save a bit of space with some structure packing - Reorder some internal struct members so that less padding is used. This is an attempt at saving a bit of space by packing some structs (using pahole to find the holes) where it might make sense to do so without losing readability. I.e., I tried to avoid separating fields that seem grouped together (like the cwd... fields in struct ftp_conn for instance). Also abstained from touching fields behind conditional macros as that quickly can get complicated. Closes https://github.com/curl/curl/pull/6483
show more ...
|
Revision tags: curl-7_74_0 |
|
#
ac0a88fd |
| 05-Nov-2020 |
Daniel Stenberg |
copyright: fix year ranges Follow-up from 4d2f8006777
|
#
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home Closes #6172
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0, curl-7_68_0, curl-7_67_0 |
|
#
249541f1 |
| 03-Oct-2019 |
Daniel Stenberg |
cookies: change argument type for Curl_flush_cookies The second argument is really a 'bool' so use that and pass in TRUE/FALSE to make it clear. Closes #4455
|
Revision tags: curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0 |
|
#
060f870b |
| 30-Mar-2019 |
Po-Chuan Hsieh |
altsvc: Fix building with cookies disables ALTSVC requires Curl_get_line which is defined in lib/cookie.c inside a #if check of HTTP and COOKIES. That makes Curl_get_line undefined if CO
altsvc: Fix building with cookies disables ALTSVC requires Curl_get_line which is defined in lib/cookie.c inside a #if check of HTTP and COOKIES. That makes Curl_get_line undefined if COOKIES is disabled. Fix by splitting out the function into a separate file which can be included where needed. Closes #3717 Reviewed-by: Daniel Gustafsson <daniel@yesql.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
show more ...
|
Revision tags: curl-7_64_1 |
|
#
e1be8254 |
| 03-Mar-2019 |
Daniel Stenberg |
alt-svc: the libcurl bits
|
#
e6522522 |
| 16-Feb-2019 |
Daniel Gustafsson |
cookie: Add support for cookie prefixes The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes and how they should affect cookie initialization, which has been adopted
cookie: Add support for cookie prefixes The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes and how they should affect cookie initialization, which has been adopted by the major browsers. This adds support for the two prefixes defined, __Host- and __Secure, and updates the testcase with the supplied examples from the draft. Closes #3554 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
Revision tags: curl-7_64_0 |
|
#
7a09b52c |
| 13-Dec-2018 |
Daniel Gustafsson |
cookies: leave secure cookies alone Only allow secure origins to be able to write cookies with the 'secure' flag set. This reduces the risk of non-secure origins to influence the sta
cookies: leave secure cookies alone Only allow secure origins to be able to write cookies with the 'secure' flag set. This reduces the risk of non-secure origins to influence the state of secure origins. This implements IETF Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates RFC6265. Closes #2956 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
Revision tags: curl-7_63_0, curl-7_62_0, curl-7_61_1 |
|
#
e2ef8d6f |
| 28-Aug-2018 |
Daniel Gustafsson |
cookies: support creation-time attribute for cookies According to RFC6265 section 5.4, cookies with equal path lengths SHOULD be sorted by creation-time (earlier first). This adds a
cookies: support creation-time attribute for cookies According to RFC6265 section 5.4, cookies with equal path lengths SHOULD be sorted by creation-time (earlier first). This adds a creation-time record to the cookie struct in order to make cookie sorting more deterministic. The creation-time is defined as the order of the cookies in the jar, the first cookie read fro the jar being the oldest. The creation-time is thus not serialized into the jar. Also remove the strcmp() matching in the sorting as there is no lexicographic ordering in RFC6265. Existing tests are updated to match. Closes #2524
show more ...
|
Revision tags: curl-7_61_0, curl-7_60_0 |
|
#
85437697 |
| 26-Apr-2018 |
Daniel Gustafsson |
cookies: remove unused macro Commit 2bc230de63 made the macro MAX_COOKIE_LINE_TXT become unused, so remove as it's not part of the published API. Closes https://github.com/curl/
cookies: remove unused macro Commit 2bc230de63 made the macro MAX_COOKIE_LINE_TXT become unused, so remove as it's not part of the published API. Closes https://github.com/curl/curl/pull/2537
show more ...
|
#
c990eadd |
| 30-Mar-2018 |
Lauri Kasanen |
cookie: store cookies per top-level-domain-specific hash table This makes libcurl handle thousands of cookies much better and speedier. Closes #2440
|
#
4073cd83 |
| 30-Mar-2018 |
Lauri Kasanen |
cookies: when reading from a file, only remove_expired once This drops the cookie load time for 8k cookies from 178ms to 15ms. Closes #2441
|
Revision tags: curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0 |
|
#
2bc230de |
| 17-Sep-2017 |
Daniel Stenberg |
cookies: reject oversized cookies ... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4
cookies: reject oversized cookies ... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4096 bytes (section 6.1). This is also what browsers seem to implement. We now allow max 5000 bytes cookie header. Max 4095 bytes length per cookie name and value. Name + value together may not exceed 4096 bytes. Added test 1151 to verify Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html Reported-by: Kevin Smith Closes #1894
show more ...
|