commit dd98e50d395c91c98b7b0aa68b8023242084bd2c
Author: Daniel Stenberg <daniel@haxx.se>
Date:   Mon Apr 25 13:05:47 2022 +0200

    [Backport] cookie.d: clarify when cookies are always sent
    
    Offering: RTOS
    CVE: CVE-2022-27776
    Reference: upstream_commit_id=c1262996356985dd8d683afdc845202fbcdf916c
    
    DTS/AR: DTS2022042805098
    type: LTS
    reason: fix CVE-2022-27776 for curl.
    weblink：https://github.com/curl/curl/commit/c1262996356985dd8d683afdc845202fbcdf916c
    
    Signed-off-by: lvshengyuan <lvshengyuan1@h-partners.com>

diff --git a/docs/cmdline-opts/cookie.d b/docs/cmdline-opts/cookie.d
index 5c40cf2d8..a17414f27 100644
--- a/docs/cmdline-opts/cookie.d
+++ b/docs/cmdline-opts/cookie.d
@@ -5,9 +5,12 @@ Protocols: HTTP
 Help: Send cookies from string/file
 Category: http
 ---
-Pass the data to the HTTP server in the Cookie header. It is supposedly
-the data previously received from the server in a "Set-Cookie:" line.  The
-data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
+Pass the data to the HTTP server in the Cookie header. It is supposedly the
+data previously received from the server in a "Set-Cookie:" line. The data
+should be in the format "NAME1=VALUE1; NAME2=VALUE2". This makes curl use the
+cookie header with this content explicitly in all outgoing request(s). If
+multiple requests are done due to authentication, followed redirects or
+similar, they will all get this cookie passed on.
 
 If no '=' symbol is used in the argument, it is instead treated as a filename
 to read previously stored cookie from. This option also activates the cookie