From 1a8bea9390024e0d61741eeacf6d13b8661eb014 Mon Sep 17 00:00:00 2001 From: Krzysztof Piotr Oledzki Date: Tue, 15 Dec 2009 23:40:47 +0100 Subject: [PATCH] [BUG] config: fix erroneous check on cookie domain names, again The previous check was correct: the RFC states that it is required to have a domain-name which contained a dot AND began with a dot. However, currently some (all?) browsers do not obey this specification, so such configuration might work. This patch reverts 3d8fbb6658d4414dac20892bbd9e79e14e99e67f but changes the check from FATAL to WARNING and extends the message. --- src/cfgparse.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/cfgparse.c b/src/cfgparse.c index 5d2ca6d637..fd338f723f 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -1458,13 +1458,13 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } - if (*args[cur_arg + 1] != '.' && !strchr(args[cur_arg + 1] + 1, '.')) { + if (*args[cur_arg + 1] != '.' || !strchr(args[cur_arg + 1] + 1, '.')) { /* rfc2109, 4.3.2 Rejecting Cookies */ - Alert("parsing [%s:%d]: domain '%s' contains no embedded" - " dots and does not start with a dot.\n", + Warning("parsing [%s:%d]: domain '%s' contains no embedded" + " dots nor does not start with a dot." + " RFC forbids it, this configuration may not work properly.\n", file, linenum, args[cur_arg + 1]); - err_code |= ERR_ALERT | ERR_FATAL; - goto out; + err_code |= ERR_WARN; } err = invalid_domainchar(args[cur_arg + 1]); -- 2.47.3