Open queo-composer opened 5 years ago
Hi
Thanks for the patch. But doesn't it miss the cookie_config->domain != NULL
case?
So it should be rather something like this?
if (cookie_config->domain != NULL) {
if(cookie_config->domain[0] == '.') {
size_t domainlen = strlen(cookie_config->domain);
size_t hostlen = strlen(r->hostname);
if (hostlen > domainlen
&& strcmp(cookie_config->domain, r->hostname + hostlen - domainlen) == 0) {
domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain);
}
} else {
domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain);
}
}
In the case when domain does NOT begin with a dot, no domain will be sent in the Cookie. This will happen since Crowd 3.2 (see https://jira.atlassian.com/browse/CWD-5141)
Patch here:
--- mod_authnz_crowd.c.1 2019-06-07 10:11:58.840568628 +0200 +++ mod_authnz_crowd.c.2 2019-06-07 10:12:12.708600882 +0200 @@ -486,6 +486,9 @@ domain = apr_psprintf(r->pool, ";Domain=%s", cookie_config->domain); } }
}