PATCH: BR#66090 Cross-domain cookies [Final]

Waldo Bastian bastian at kde.org
Thu Dec 11 23:10:17 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu December 11 2003 03:13, Dawit A. wrote:
> Hi,
>
> Here is the final patch patch against the current CVS to fix BR# 66090. It
> only contains fixes related to this bug report. I have tested this it as
> much as I can and it has so far worked as expected in every case.

Commited with some modifications.

> The only exception is the redirection case I mentioned before. I am not
> sure what should be done in that case, i.e. user types http://www.foo.com
> and get redirected to http://www.bar.com. What should happen to the cookies
> from the redirected location if the "only accept cookies from originating
> server" option is checked ?

They should be accepted. I would argue that after the redirection, the main 
document URL is http://www.bar.com

I have solved that by not setting any URL for cross-domain when a link is 
clicked manually. As a result the browserrun patch was no longer needed.

I think it works nicely now, but please test.

Cheers,
Waldo
- -- 
bastian at kde.org -=|[ KDE: K Desktop for the Enterprise ]|=- bastian at suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE/2PlZN4pvrENfboIRAkSdAKCF0Vygg4EuG5EaBbPAWFxJvFUd9ACeIQzH
+CJY3XvyUPjZbqG7a1MYuig=
=4a4t
-----END PGP SIGNATURE-----




More information about the kde-core-devel mailing list