Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
net/http: fix cookie Expires minimum year to 1601 instead of Epoch ye…
…ar 1970 Following RFC 6265 Section 5.1.1.5, ensure that the minimum year for which an Expires value is valid and can be included in the cookie's string, is 1601 instead of the Epoch year 1970. A detailed specification for parsing the Expiry field is at: https://tools.ietf.org/html/rfc6265#section-5.2.1 I stumbled across this bug due to this StackOverflow answer that recommends setting the Expiry to the Epoch: http://stackoverflow.com/a/5285982 Fixes #17632 Change-Id: I3c1bdf821d369320334a5dc1e4bf22783cbfe9fc Reviewed-on: https://go-review.googlesource.com/32142 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
- Loading branch information