[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] Implementing draft to update RFC6265

From: Darshit Shah
Subject: Re: [Bug-wget] Implementing draft to update RFC6265
Date: Sun, 24 Jan 2016 00:09:06 +0100

On 23 January 2016 at 23:36, Kushagra Singh
<address@hidden> wrote:
> Thanks a lot for the help!
> I've made some progress, but have a couple of more questions
> - I can't manage to find the http-only-flag in the cookie struct, do we not
> store this?
Since Wget supports only HTTP, this is not required. The HttpOnly
attribute prevents access to script code, but since Wget never
executes them it is not necessary at all. Although, it may be a good
idea to explicitly store the flag for Wget saves the cookies to a
file. Maybe, we should add this.

> - The draft asks to check whether the "scheme" component of the
> "request-uri" denotes a secure protocol or not. Currently I am checking
> using "#ifdef HAVE_SSL". I am not sure whether this is the right way to do
> so, since having SSL with wget does not necessarily mean that the current
> connection is secure.

Ideally, a code base should have as few #ifdef statements as possible.
They make reading the code very difficult for a human. That said, in
this scenario it is the absolute wrong technique. You will want to
access the scheme from the request URI. Find a way to access this
information, you may need to change some method prototypes to make
this happen.

> - To check whether there exists a cookie whose domain, domain-matches the
> domain of a new cookie, we should iterate through the chains returned by
> find_chains_of_host right?

That ought to work, I think.

> Regards,
> Kush

Thanking You,
Darshit Shah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]