[drakma-devel] dotless cookie domains
Edi Weitz
edi at agharta.de
Wed Jul 16 07:29:34 UTC 2008
Hi Daniel,
On Mon, 14 Jul 2008 18:26:40 +0200, Daniel Janus <daniel at sentivision.com> wrote:
> The current version of Drakma contains a check of cookie domains'
> validity. A (textual) domain is considered to be valid iff either
> it contains a dot or is exactly "localhost". I'm sure there is a
> reason for this (perhaps some part of a relevant RFC?), but I got
> bitten by it in a real-world scenario. I was using Drakma for
> testing of a Java EE-based web application at my company, accessible
> at the internal address "http://someserver:9090/gui/app".
I wouldn't call this "real-world" as in the real "real world" domain
names without a dot don't exist... :)
But, yes, this is obviously useful for in-house testing.
> I quickly hacked up a patch (attached) to Drakma which adds a
> special variable *ALLOW-DOTLESS-COOKIE-DOMAINS-P*, which, when set
> to non-NIL, causes the domains like SOMESERVER to be accepted.
>
> Might it be useful to include in the official distribution?
Looks fine to me except that it's lacking the HTML documentation
patch.
http://weitz.de/patches.html
Could you add this and send a diff against the current dev version?
http://bknr.net/trac/browser/trunk/thirdparty/drakma
Thanks a lot,
Edi.
More information about the Drakma-devel
mailing list