Iris: [BUG]Session works incorrectly when meets the multi-level TLDs

Created on 18 Dec 2019  ·  2Comments  ·  Source: kataras/iris

iris version:V12.1.1
golang version:1.13.4
OS:Ubuntu 16.04 LTS

BUG Describtion:
The function "formatCookieDomain" in cookie.go does not work correctly when the top-level domain is multi-level.(such as: org.cn)
For example, my domain is "www.example.org.cn", if users access my website by the URL"www.example.org.cn", iris' session work correctly.But ,as we known, users can also access my website by the URL "example.org.cn". In this time , the function "formatCookieDomain" does not have expected output. It prases "example.org.cn" to "org.cn",so session id is refused by the browser.

resolved bug

Most helpful comment

Already verified. It works

All 2 comments

Hello @AlexPeiran, thanks for the report. It should be fixed now, I tested it locally and it passes but you need to verify it, could you please try by downloading the master branch?

Run this terminal command on your project's directory (at the go.mod):

$ go get github.com/kataras/iris/v12@master

Already verified. It works

Was this page helpful?
0 / 5 - 0 ratings