Re: lynx-dev Version 0 cookie suggestion & minimal patch

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Version 0 cookie suggestion & minimal patch

From:	brian j. pardy
Subject:	Re: lynx-dev Version 0 cookie suggestion & minimal patch
Date:	Tue, 27 Oct 1998 21:35:03 -0800

Risto Widenius wrote:
[big snip]
> Would it be considered a security problem to relax the cookie sanity
> checking for version 0 (old) cookies _only when_ the user has
> accept_all_cookies set? As it is, Lynx already does accept cookies
> with invalid Domain attribute when accept_all_cookies is set.
> 
> I suggest the following change to LYCookie.c (for brevity's sake the
> patch doesn't fix indentation in the relevant passage of code). The
> patch is against lynx2.8.1pre11. I believe this would solve some of
> the recurrent cookie problems that have been unsolved in the past.

I haven't noticed any sites I've had the problem with, but I agree with
your thoughts here...

-- 
Old soldiers never die.  Young ones do.

[Prev in Thread]

Current Thread

[Next in Thread]

lynx-dev Version 0 cookie suggestion & minimal patch, Risto Widenius, 1998/10/27
- Re: lynx-dev Version 0 cookie suggestion & minimal patch, brian j. pardy <=

Prev by Date: Re: lynx-dev Autoconf patch for S/390
Next by Date: Re: lynx-dev Autoconf patch for S/390 (EBCDIC)
Previous by thread: lynx-dev Version 0 cookie suggestion & minimal patch
Next by thread: lynx-dev Anyone familar with the htmlcompendium?
Index(es):
- Date
- Thread