From 6443581d72c753cfc10dce996c741dbbcc0bc046 Mon Sep 17 00:00:00 2001
From: Darshit Shah <darnir@gmail.com>
Date: Sun, 24 Feb 2013 19:35:25 +0530
Subject: [PATCH] Fix behaviour to match RFC 6265 on encountering domain
 mismatch.

---
 src/ChangeLog |  5 +++++
 src/cookies.c | 12 +++++-------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index bbc67352..c37fb85a 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2013-02-15  Darshit Shah <darnir@gmail.com>
+
+	* cookies.c (cookie_handle_set_cookie): Set cookie-descard_requested
+	to true on domain mismatch.
+
 2012-12-20  Tim Ruehsen  <tim.ruehsen@gmx.de>
 
 	* gnutls.c (ssl_connect_wget): added +VERS-SSL3.0 to fix
diff --git a/src/cookies.c b/src/cookies.c
index a10971ca..87cc554b 100644
--- a/src/cookies.c
+++ b/src/cookies.c
@@ -673,9 +673,6 @@ cookie_handle_set_cookie (struct cookie_jar *jar,
 
   if (!cookie->domain)
     {
-    copy_domain:
-      /* If the domain was not provided, we use the one we're talking
-         to, and set exact match.  */
       cookie->domain = xstrdup (host);
       cookie->domain_exact = 1;
       /* Set the port, but only if it's non-default. */
@@ -687,11 +684,12 @@ cookie_handle_set_cookie (struct cookie_jar *jar,
       if (!check_domain_match (cookie->domain, host))
         {
           logprintf (LOG_NOTQUIET,
-                     _("Cookie coming from %s attempted to set domain to %s\n"),
-                     quotearg_style (escape_quoting_style, host),
+                     _("Cookie coming from %s attempted to set domain to "),
+                     quotearg_style (escape_quoting_style, host));
+          logprintf (LOG_NOTQUIET,
+                     _("%s\n"),
                      quotearg_style (escape_quoting_style, cookie->domain));
-          xfree (cookie->domain);
-          goto copy_domain;
+          cookie->discard_requested = true;
         }
     }