Cookies subdomain rules are incorrect
|Assignee:||Andreas Smas||% Done:|
|Found in version:||5.0.355||Platform:||Linux|
According to RFC 6265, Cookie set with Domain=.example.com or Domain=example.com (with NO leading dot, this is also valid) should also be set to the requests to x.example.com and y.x.example.com.
In the current implementation of HTTP engine in Movian, cookies with domain=.example.com do work on requests to x.example.com, but DO NOT work on requests to y.x.example.com and further nested subdomains.
How to reproduce:
1. Set some cookies for domain .example.com
2. Make a request to x.example.com
3. Make a request to y.x.example.com
Requests made on steps 2 and 3 have the same set of cookies. I've checked this behavior in every major browser.
Request made on step 2 has the expected set of cookies, request made on step 3 has none.
I've also attached the log showing the real requests and a picture of Chrome DevTools showing domain value for each cookie.