--- a/src/LYCookie.c +++ b/src/LYCookie.c @@ -369,9 +369,6 @@ const char *ptr; domain_entry *de = NULL; BOOL Replacement = FALSE; - int invprompt_reasons = 0; /* what is wrong with this cookie - kw */ - -#define FAILS_COND4 0x02 if (co == NULL) return; @@ -453,66 +450,6 @@ freeCookie(co); return; } - - /* - * RFC 2109 - - * Section 4.3.2, condition 4: The request-host is an HDN (not IP - * address) and has the form HD, where D is the value of the Domain - * attribute, and H is a string that contains one or more dots. - * - * If cookie checking for this domain is set to INVCHECK_LOOSE, then we - * want to bypass this check. The user should be queried if set to - * INVCHECK_QUERY. - */ - ptr = ((hostname + strlen(hostname)) - strlen(co->domain)); - if (StrChr(hostname, '.') < ptr) { - invcheck_behaviour_t invcheck_bv = (de ? de->invcheck_bv - : DEFAULT_INVCHECK_BV); - - switch (invcheck_bv) { - case INVCHECK_LOOSE: - break; /* continue as if nothing were wrong */ - - case INVCHECK_QUERY: - invprompt_reasons |= FAILS_COND4; - break; /* will prompt later if we get that far */ - - case INVCHECK_STRICT: - CTrace((tfp, - "store_cookie: Rejecting because '%s' is not a prefix of '%s'.\n", - co->path, path)); - freeCookie(co); - return; - } - } - } - - /* - * If we found reasons for issuing an invalid cookie confirmation prompt, - * do that now. Rejection by the user here is the last chance to - * completely ignore this cookie; after it passes this hurdle, it may at - * least supersede a previous cookie (even if it finally gets rejected). - - * kw - */ - if (invprompt_reasons) { - char *msg = 0; - - if (invprompt_reasons & FAILS_COND4) { - HTSprintf0(&msg, - INVALID_COOKIE_DOMAIN_CONFIRMATION, - co->ddomain, - hostname); - if (!HTForcedPrompt(cookie_noprompt, msg, NO)) { - CTrace((tfp, - "store_cookie: Rejecting domain '%s' for host '%s'.\n", - co->ddomain, - hostname)); - freeCookie(co); - FREE(msg); - return; - } - } - FREE(msg); } if (de == NULL) {