cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] Use magic expiration value for session cookies

From: Claes Jakobsson <claes_at_versed.se>
Date: Thu, 3 Sep 2009 10:45:40 +0200

On Sep 3, 2009, at 10:26 AM, Daniel Stenberg wrote:
> I appreciate your effort and what you're trying to do. But I think
> this approach is a bit too strange. I suggest a different approach.
> (I just committed a better date parser API for internal use too. It
> will now allow our code to properly separate parsing errors from
> time overflow or failed to parse etc.)
>
> I suggest we instead store 1970-01-01 00:00:00 as expires at 1, as a
> special case. The date is far away in the past anyway (hey even
> before *I* was born) and it won't matter if 'expires' 1970-01-01
> 00:00:00 and 1970-01-01 00:00:01 will both use 1. This allows us to
> keep 0 reserved for "session cookies" and allows us to save the
> cookies fine in the netscape file format exactly like today.

That would work too and keep things a bit cleaner. I think keeping the
testcase I provided might be valueable tho since it would test the
above.

> That's the primary reason why we have the CURLOPT_COOKIESESSION
> option. It allows an app to say that a new session has started, so
> that all old session cookies can be discarded on load and be
> forgotten.

Ah, was just curious. My curl-fu is not strong enough yet obviously =)

Cheers,
Claes
Received on 2009-09-03