BUG/MINOR: config: Update cookie domain warn to RFC6265

The domain option of the cookie keyword allows to define which domain or
domains should use the the cookie value of a cookie-based server
affinity. If the domain does not start with a dot, the user agent should
only use the cookie on hosts that matches the provided domains. If the
configured domain starts with a dot, the user agent can use the cookie
with any host ending with the configured domain.

haproxy config parser helps the admin warning about a potentially buggy
config: defining a domain without an embedded dot which does not start
with a dot, which is forbidden by the RFC.

The current condition to issue the warning implements RFC2109. This
change updates the implementation to RFC6265 which allows domain without
a leading dot.

Should be backported to all supported versions. The feature exists at least
since 1.5.

diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index 09b172724c5a655146290ef2dcd156f52e7e270e..507e071734e228bd446b3c1f2e424255c3cc5551 100644 (file)
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -880,11 +880,10 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
                                        goto out;
                                }
 
-                               if (*args[cur_arg + 1] != '.' || !strchr(args[cur_arg + 1] + 1, '.')) {
-                                       /* rfc2109, 4.3.2 Rejecting Cookies */
-                                       ha_warning("parsing [%s:%d]: domain '%s' contains no embedded"
-                                                  " dots nor does not start with a dot."
-                                                  " RFC forbids it, this configuration may not work properly.\n",
+                               if (!strchr(args[cur_arg + 1], '.')) {
+                                       /* rfc6265, 5.2.3 The Domain Attribute */
+                                       ha_warning("parsing [%s:%d]: domain '%s' contains no embedded dot,"
+                                                  " this configuration may not work properly (see RFC6265#5.2.3).\n",
                                                   file, linenum, args[cur_arg + 1]);
                                        err_code |= ERR_WARN;
                                }