|
From: | Glenn Morris |
Subject: | bug#1401: 23.0.60; url-cookie-handle-set-cookie doesnt check for trusted urls |
Date: | Tue, 02 Dec 2008 15:56:16 -0500 |
User-agent: | Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
"Karol Hosiawa" wrote: > (url-cookie-host-can-set-p "images.google.nl" ".google.nl") > nil Yes, but (url-cookie-host-can-set-p "images.google.com" ".google.com") returns non-nil (because "com" is in url-cookie-two-dot-domains). And so does: (setq url-cookie-two-dot-domains "\\.nl\\'") (url-cookie-host-can-set-p "images.google.nl" ".google.nl") But having (url-cookie-host-can-set-p "foo.co.uk" ".co.uk") return non-nil would be bad. It cetainly seems like this problem to me: http://my.opera.com/yngve/blog/show.dml/267415
[Prev in Thread] | Current Thread | [Next in Thread] |