38 lines
1.6 KiB
Diff
38 lines
1.6 KiB
Diff
commit dd98e50d395c91c98b7b0aa68b8023242084bd2c
|
|
Author: Daniel Stenberg <daniel@haxx.se>
|
|
Date: Mon Apr 25 13:05:47 2022 +0200
|
|
|
|
[Backport] cookie.d: clarify when cookies are always sent
|
|
|
|
Offering: RTOS
|
|
CVE: CVE-2022-27776
|
|
Reference: upstream_commit_id=c1262996356985dd8d683afdc845202fbcdf916c
|
|
|
|
DTS/AR: DTS2022042805098
|
|
type: LTS
|
|
reason: fix CVE-2022-27776 for curl.
|
|
weblink:https://github.com/curl/curl/commit/c1262996356985dd8d683afdc845202fbcdf916c
|
|
|
|
Signed-off-by: lvshengyuan <lvshengyuan1@h-partners.com>
|
|
|
|
diff --git a/docs/cmdline-opts/cookie.d b/docs/cmdline-opts/cookie.d
|
|
index 5c40cf2d8..a17414f27 100644
|
|
--- a/docs/cmdline-opts/cookie.d
|
|
+++ b/docs/cmdline-opts/cookie.d
|
|
@@ -5,9 +5,12 @@ Protocols: HTTP
|
|
Help: Send cookies from string/file
|
|
Category: http
|
|
---
|
|
-Pass the data to the HTTP server in the Cookie header. It is supposedly
|
|
-the data previously received from the server in a "Set-Cookie:" line. The
|
|
-data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
|
|
+Pass the data to the HTTP server in the Cookie header. It is supposedly the
|
|
+data previously received from the server in a "Set-Cookie:" line. The data
|
|
+should be in the format "NAME1=VALUE1; NAME2=VALUE2". This makes curl use the
|
|
+cookie header with this content explicitly in all outgoing request(s). If
|
|
+multiple requests are done due to authentication, followed redirects or
|
|
+similar, they will all get this cookie passed on.
|
|
|
|
If no '=' symbol is used in the argument, it is instead treated as a filename
|
|
to read previously stored cookie from. This option also activates the cookie
|