Version: KOnq 3.2.3 (using KDE KDE 3.2.3) Installed from: Gentoo Packages Compiler: gcc version 3.3.3 20040412 (Gentoo Linux 3.3.3-r6, ssp-3.3.2-2, pie-8.7.6) OS: Linux if the webserver sends enough cookies ,managed to send 49 cookies with combined size of 7437 bytes . The browser accepts all the cookies and puts them in the get header again. Other browsers accept fewer cookies so the don't mess up there headers. Apache2 answers : Error 400 Your browser sent a request that this server could not understand. Size of a request header field exceeds server limit.
your bug report doesn't make sense to me. You're saying that are sending a bunch of headers around and don't accept them back?
Do you have a URL where this happens? Can you paste the relevant part of your $HOME/.kde/share/apps/kcookiejar/cookies file?
you can go to this site : http://euh.paranoid.nl/cookies.php you will see 0 cookies available and size 0 when you came to the site , and after a RELOAD you will get the error. The cookies are not in the $HOME/.kde/share/apps/kcookiejar/cookies file I have to change the experation date for that. Will try that this weekend.
ok , now I set the cookie to last 30 days , and see how my kcookiejar is filling up : frits@f1667 kcookiejar $ more cookies | grep cookie_ | wc -l 138 frits@f1667 kcookiejar $ more cookies | grep cookie_ | tail -n 1 euh.paranoid.nl "euh.paranoid.nl" "/" 1093597093 0 cookie__1 4 Testing+this+cookie+was+Testing+this+cookie+wasTesting+this+cookie+wasTesting+this+cookie+wasTesting+this+cookie+wasTesting+this+cookie+was.
CVS commit by waba: Implemented cookie limits, disabled for now. CCBUG: 87227 M +32 -3 kcookiejar.cpp 1.120 --- kdelibs/kioslave/http/kcookiejar/kcookiejar.cpp #1.119:1.120 @@ -72,4 +72,14 @@ #include "kcookiejar.h" + +// BR87227 +// Waba: Should the number of cookies be limited? +// I am not convinced of the need of such limit +// Mozilla seems to limit to 20 cookies / domain +// but it is unclear which policy it uses to expire +// cookies when it exceeds that amount +#undef MAX_COOKIE_LIMIT + +#define MAX_COOKIES_PER_HOST 25 #define READ_BUFFER_SIZE 8192 @@ -873,4 +882,20 @@ KHttpCookieList KCookieJar::makeDOMCooki } +#ifdef MAX_COOKIE_LIMIT +static void makeRoom(KHttpCookieList *cookieList, KHttpCookiePtr &cookiePtr) +{ + // Too much cookies: throw one away, try to be somewhat clever + KHttpCookiePtr lastCookie = 0; + for(KHttpCookiePtr cookie = cookieList->first(); cookie; cookie = cookieList->next()) + { + if (cookieList->compareItems(cookie, cookiePtr) < 0) + break; + lastCookie = cookie; + } + if (!lastCookie) + lastCookie = cookieList->first(); + cookieList->removeRef(lastCookie); +} +#endif // @@ -923,4 +948,8 @@ void KCookieJar::addCookie(KHttpCookiePt if (!cookiePtr->isExpired(time(0))) { +#ifdef MAX_COOKIE_LIMIT + if (cookieList->count() >= MAX_COOKIES_PER_HOST) + makeRoom(cookieList, cookiePtr); // Delete a cookie +#endif cookieList->inSort( cookiePtr ); m_cookiesChanged = true;
Leo commented: > The heise forum is said to use an insane amount of cookies for its > threaded view (which was broken in mozilla for its restriction to 20 > cookies, can't find the BR# now). So we should take care of not breaking > existing pages by imposing an arbitrary limit.
Too old and will break other sites that require all cookies as shown in comment #6.