Closed Bug 104492 Opened 23 years ago Closed 23 years ago

not storing when domain has less than two dots

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: tanyel, Assigned: morse)

References

(
URL
)

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:0.9.5+) Gecko/20011011
BuildID:    2001101103

The form at http://www.straightblack.com/login/add_form.php leads to a page at
http://www.straightblack.com/login/add_verify.php that uses a php function to
set a cookie. The php function looks like
setcookie("CommunityMember","$ScreenName",time() + 3600, "/",
"straightblack.com", "0");

The cookie does not appear to be created and stored.

Reproducible: Always
Steps to Reproduce:
1. go to http://www.straightblack.com/login/add_form.php
2. enter a screen name and password. the rest is not necessary
3. click on the "Send Data" button

Actual Results:  The form is submitted but no cookie is created.

Expected Results:  The form is submitted and a cookie is created.

It seems that Netscape 4.78 does not store the cookie either but Internet
Explorer and Opera do, so I am not certain if this is intentional or not. I
suppose it may be a "quirks mode" issue since I never use document type definitions.
Problem is with the server.  It is attempting to set a cookie for the domain 
"straightblack.com".  Unfortunately that is not a valid domain name -- domain 
names start with a dot.  The correct name is ".straighblack.com".

Reason this invalid name is causing the cookie to not be set is because one of 
the checks that we make on the domain name is to assure that it contains at 
least two periods, in order to prevent domains of the form ".com" or ".edu".  
This invalid domain name is failing the two-period test.

Yes, we could assume a leading dot if there is not one there.  But I'd be 
reluctant to make that change for fear of breaking some other website.  The 
cookie tests are very tricky and we have been burnt several times when we 
attempted to make what we thought would be improvements.  See bug 8743 for a 
chronology on such mishaps.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → INVALID
V/invalide
Status: RESOLVED → VERIFIED
QA Contact: tever → benc
Summary: mozilla not storing certain cookies → not storing when domain has less than two dots
You need to log in before you can comment on or make changes to this bug.