From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 26 Feb 2025 06:54:15 +0000 (+0100)
Subject: cookie: do prefix matching case-sensitively
X-Git-Tag: curl-8_13_0~345
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5b5e2f7318bff3244def7c5865db47657dcf877b;p=thirdparty%2Fcurl.git

cookie: do prefix matching case-sensitively

According to section 4.1.3.1 and 4.1.3.2 of
draft-ietf-httpbis-rfc6265bis-19

Ref: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-19#section-4.1.3.1

Closes #16494
---

diff --git a/lib/cookie.c b/lib/cookie.c
index 9ef7375327..519fcdc4af 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -536,9 +536,9 @@ parse_cookie_header(struct Curl_easy *data,
        * "the rest". Prefixes must start with '__' and end with a '-', so
        * only test for names where that can possibly be true.
        */
-      if(strncasecompare("__Secure-", Curl_str(&name), 9))
+      if(!strncmp("__Secure-", Curl_str(&name), 9))
         co->prefix_secure = TRUE;
-      else if(strncasecompare("__Host-", Curl_str(&name), 7))
+      else if(!strncmp("__Host-", Curl_str(&name), 7))
         co->prefix_host = TRUE;
 
       /*