[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget
|
From: |
Tim Ruehsen |
|
Subject: |
Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget |
|
Date: |
Thu, 05 Jun 2014 12:46 +0200 |
|
User-agent: |
KMail/4.12.4 (Linux/3.14-1-amd64; KDE/4.13.1; x86_64; ; ) |
On Thursday 05 June 2014 15:27:21 Darshit Shah wrote:
> Tim,
>
> As the author of libpsl, I'm waiting on you to ACK this, so we can merge.
Sorry for letting you wait, Darshit.
The patch looks good to me though i am not able to test it right now. But i am
sure, you did it already ;-)
Not correctly checking the cookie domain is a real life security thread (if
cookies are enabled by the Wget user). So merging the patch today is better
than doing it tomorrow...
I would like to see test catching 'super-cookies' (IDNA and non-IDNA). But
that can be done in a second patch and should not delay the merge.
Not sure about using pkg-config in Wget's configure.ac. That would be an
option for detecting libpsl (and other libs as well, I guess). We can work
also on that later if there are no complaints against that.
I am just now working on a V0.3.0 release of libpsl that should satisfy dkg's
requirements for a Debian package. So I hope to see libpsl in Debian in the
near future.
BTW, the new release will use libicu (if found) instead of idn2 utility to
generate the built-in PSL data. The difference is that libicu seems to be more
common than idn2, e.g. Darshit had to package idn2 for Arch Linux.
Again, many thanks for working on the patch, Darshit !
Tim
>
> On Wed, Jun 4, 2014 at 4:30 PM, Giuseppe Scrivano <address@hidden>
wrote:
> > Darshit Shah <address@hidden> writes:
> >> From 5b25217ecf6eb1897d769f2ee0aa5e922e6cbff4 Mon Sep 17 00:00:00 2001
> >> From: Darshit Shah <address@hidden>
> >> Date: Fri, 30 May 2014 22:10:12 +0530
> >> Subject: [PATCH] Support libpsl for cookie domain checking
> >>
> >> ---
> >>
> >> ChangeLog | 5 +++++
> >> NEWS | 2 ++
> >> README.checkout | 44 ++++++++++++++++++++++++--------------------
> >> configure.ac | 11 +++++++++++
> >> src/ChangeLog | 6 +++++-
> >> src/build_info.c.in | 1 +
> >> src/cookies.c | 24 +++++++++++++++++++-----
> >> 7 files changed, 67 insertions(+), 26 deletions(-)
> >
> > seems correct to me.
> >
> > ACK
> >
> > Regards,
> > Giuseppe
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/01
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/01
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/03
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/04
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/05
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget,
Tim Ruehsen <=
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/05
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/06
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/06
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/07
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/12