RootCause: unvalidated
The domain check in Curl_cookie_getlist() uses cookie_tailmatch() without verifying that the cookie domain is not a public suffix. This function, at lines 1408-1411, determines whether a cookie should be sent to a given host. Tension: unlike Curl_cookie_add(), which validates against the PSL (Public Suffix List), the retrieval function has no such validation, creating an inconsistency.
a7c07155-6237-4d9e-a990-e49f5baee6ea
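The inconsistency described above, as an added example that is not curl's code: a simplified tail match used alone on retrieval, next to a retrieval decision that repeats the public-suffix check. All `demo_*` names are hypothetical, and the three-entry suffix table is a constructed stand-in for a real PSL lookup.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed stand-in for a Public Suffix List lookup (assumption). */
static const char *const demo_suffixes[] = { "com", "org", "co.uk" };

bool demo_is_public_suffix(const char *domain)
{
  size_t n = sizeof(demo_suffixes) / sizeof(demo_suffixes[0]);
  for(size_t i = 0; i < n; i++)
    if(strcasecmp(domain, demo_suffixes[i]) == 0)
      return true;
  return false;
}

/* Tail match: host equals the cookie domain, or ends with "." + domain. */
bool demo_tailmatch(const char *cookie_domain, const char *host)
{
  size_t clen = strlen(cookie_domain), hlen = strlen(host);
  if(clen == 0 || hlen < clen)
    return false;
  if(strcasecmp(cookie_domain, host + hlen - clen) != 0)
    return false;
  return hlen == clen || host[hlen - clen - 1] == '.';
}

/* Retrieval decision as described: tail match only, no suffix check. */
bool demo_send_unchecked(const char *cookie_domain, const char *host)
{
  return demo_tailmatch(cookie_domain, host);
}

/* Retrieval decision that also refuses a public-suffix cookie domain
   for any host other than an exact match (choice made for this sketch). */
bool demo_send_checked(const char *cookie_domain, const char *host)
{
  if(demo_is_public_suffix(cookie_domain) &&
     strcasecmp(cookie_domain, host) != 0)
    return false;
  return demo_tailmatch(cookie_domain, host);
}

int main(void)
{
  const char *host = "shop.example.co.uk"; /* constructed sample host */
  printf("unchecked: %d\n", demo_send_unchecked("co.uk", host));
  printf("checked:   %d\n", demo_send_checked("co.uk", host));
  return 0;
}
```

A cookie whose stored domain is a public suffix only reaches the retrieval path if it bypassed the add-time check, for example by being loaded from a cookie file, which is why repeating the check at retrieval closes the gap.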