Bug 119552 - curl's cookie parser does not work properly on some urls
curl's cookie parser does not work properly on some urls
Status: CLOSED RAWHIDE
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: curl (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Eido Inoue
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-03-31 07:32 EST by Taco Scargo
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: 7.11.1-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-07 14:41:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
headers using the curl version that is used with RHEL3 (2.53 KB, text/plain)
2004-03-31 07:34 EST, Taco Scargo
no flags Details
headers using a newer curl version than the one that is used with RHEL3 (3.35 KB, text/plain)
2004-03-31 07:34 EST, Taco Scargo
no flags Details

  None (edit)
Description Taco Scargo 2004-03-31 07:32:39 EST
Description of problem:
I have experienced a strange behaviour of curl. In this version, when 
connecting to a certain website, it does not retain the received 
cookies and when a 302 Location header is returned, curl does not use 
the received cookies. I have tried it on a different website, and 
that does not display the problem. I however tried the same command 
on AS2.1 (AS2.1 uses an older curl version), and that works as 
expected (so no issue!). I therefore suspect the used version of curl 
in AS3 contains a bug that is not present in earlier (and later) 
versions.

I have tested the curl version on a different (non-RedHat) platform 
and it showed the same issue. A later version (7.11.0) was ok.

I therefore kindly request RedHat to issue an update for the curl 
package for RedHat Enterprise Linux.

Example of headers are attached. The username and password has been 
xxx-ed. They are however available on request.

Version-Release number of selected component (if applicable):
curl-7.10.6-4.1

How reproducible:
Every time

Steps to Reproduce:
With curl-7.10.6 try: curl -L -k -v -c /tmp/cookies --
referer 'https://bs7pscw1.bbned.nl/' -
d "USER=xxxxxxxx&PASSWORD=xxxxxxxx&smauthreason=0&target=https://bs7ps
cw1.bbned.nl/" "https://bs7pscw1
.bbned.nl/siteminderagent/forms/login2.fcc" and view the headers (see 
attachment) The cookie is not used in the second request, but should.
  
Actual results:
See attachment headers-curl-7.10.6.log

Expected results:
See attachment headers-curl-7.11.0.log

Additional info:
Comment 1 Taco Scargo 2004-03-31 07:34:01 EST
Created attachment 98997 [details]
headers using the curl version that is used with RHEL3
Comment 2 Taco Scargo 2004-03-31 07:34:32 EST
Created attachment 98998 [details]
headers using a newer curl version than the one that is used with RHEL3

Note You need to log in before you can comment on or make changes to this bug.