46 lines
1.7 KiB
Diff
46 lines
1.7 KiB
Diff
From 565d0ca2b19682e41878e473d3895f89ba3412cf Mon Sep 17 00:00:00 2001
|
|
From: Daniel Stenberg <daniel@haxx.se>
|
|
Date: Tue, 20 Dec 2022 10:07:36 +0100
|
|
Subject: [PATCH] http: fix the ::1 comparison for IPv6 localhost for cookies
|
|
|
|
When checking if there is a "secure context", which it is if the
|
|
connection is to localhost even if the protocol is HTTP, the comparison
|
|
for ::1 was done incorrectly and included brackets.
|
|
|
|
Reported-by: BratSinot on github
|
|
|
|
Fixes #10120
|
|
Closes #10121
|
|
|
|
Conflict: context adapt
|
|
Reference: https://github.com/curl/curl/commit/565d0ca2b19682e41878e473d3895f89ba3412cf
|
|
---
|
|
lib/http.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/lib/http.c b/lib/http.c
|
|
index 328dafa..1afbad0 100644
|
|
--- a/lib/http.c
|
|
+++ b/lib/http.c
|
|
@@ -2729,7 +2729,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data,
|
|
conn->handler->protocol&CURLPROTO_HTTPS ||
|
|
strcasecompare("localhost", host) ||
|
|
!strcmp(host, "127.0.0.1") ||
|
|
- !strcmp(host, "[::1]") ? TRUE : FALSE;
|
|
+ !strcmp(host, "::1") ? TRUE : FALSE;
|
|
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
|
|
co = Curl_cookie_getlist(data, data->cookies, host, data->state.up.path,
|
|
secure_context);
|
|
@@ -3604,7 +3604,7 @@ CURLcode Curl_http_header(struct Curl_easy *data, struct connectdata *conn,
|
|
conn->handler->protocol&CURLPROTO_HTTPS ||
|
|
strcasecompare("localhost", host) ||
|
|
!strcmp(host, "127.0.0.1") ||
|
|
- !strcmp(host, "[::1]") ? TRUE : FALSE;
|
|
+ !strcmp(host, "::1") ? TRUE : FALSE;
|
|
|
|
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE,
|
|
CURL_LOCK_ACCESS_SINGLE);
|
|
--
|
|
2.33.0
|
|
|