QNetworkCookie - ignore unknown attributes

RFC6265 clarifies that unknown cookie attributes should be ignored,
including the version attribute which was defined by RFC2109 but
not used correctly in practice.

This fixes case 0008 in the test suite with minimal risk.

Task-number: QTBUG-15794
Change-Id: I6f15e8e5e2e5f1ed168fc733a5c84d606a452252
Reviewed-by: Richard J. Moore <rich@kde.org>

diff --git a/src/network/access/qnetworkcookie.cpp b/src/network/access/qnetworkcookie.cpp
index 6a2a70f..be4ea2f 100644 (file)
--- a/src/network/access/qnetworkcookie.cpp
+++ b/src/network/access/qnetworkcookie.cpp
@@ -1025,16 +1025,8 @@ QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByt
                     cookie.setSecure(true);
                 } else if (field.first == "httponly") {
                     cookie.setHttpOnly(true);
-                } else if (field.first == "comment") {
-                    //cookie.setComment(QString::fromUtf8(field.second));
-                } else if (field.first == "version") {
-                    if (field.second != "1") {
-                        // oops, we don't know how to handle this cookie
-                        return result;
-                    }
                 } else {
-                    // got an unknown field in the cookie
-                    // what do we do?
+                    // ignore unknown fields in the cookie (RFC6265 section 5.2, rule 6)
                 }
 
                 position = nextNonWhitespace(cookieString, position);