From 39ece3d0f93f62537f9bd50327e9ebafd706dc49 Mon Sep 17 00:00:00 2001 From: Krzysztof Piotr Oledzki Date: Tue, 15 Dec 2009 23:40:47 +0100 Subject: [PATCH] [BUG] config: fix erroneous check on cookie domain names, again The previous check was correct: the RFC states that it is required to have a domain-name which contained a dot AND began with a dot. However, currently some (all?) browsers do not obey this specification, so such configuration might work. This patch reverts 3d8fbb6658d4414dac20892bbd9e79e14e99e67f but changes the check from FATAL to WARNING and extends the message. (cherry picked from commit 1a8bea9390024e0d61741eeacf6d13b8661eb014) --- src/cfgparse.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/cfgparse.c b/src/cfgparse.c index 24d0c983c..27b890285 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -1296,13 +1296,13 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv) goto out; } - if (*args[cur_arg + 1] != '.' && !strchr(args[cur_arg + 1] + 1, '.')) { + if (*args[cur_arg + 1] != '.' || !strchr(args[cur_arg + 1] + 1, '.')) { /* rfc2109, 4.3.2 Rejecting Cookies */ - Alert("parsing [%s:%d]: domain '%s' contains no embedded" - " dots and does not start with a dot.\n", + Warning("parsing [%s:%d]: domain '%s' contains no embedded" + " dots nor does not start with a dot." + " RFC forbids it, this configuration may not work properly.\n", file, linenum, args[cur_arg + 1]); - err_code |= ERR_ALERT | ERR_FATAL; - goto out; + err_code |= ERR_WARN; } err = invalid_domainchar(args[cur_arg + 1]);