Remove out-of-date comments that refer to old cookie implementations and specs.

net/base/cookie_monster.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Portions of this code based on Mozilla:
 //   (netwerk/cookie/src/nsCookieService.cpp)
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
@@ skipping 175 matching lines @@
   // We match IE/Firefox in allowing a domain=IPADDR if it matches the url
   // ip address hostname exactly.  It should be treated as a host cookie.
   if (domain_string.empty() ||
       (url.HostIsIPAddress() && url_host == domain_string)) {
     *result = url_host;
     DCHECK(CookieMonster::DomainIsHostOnly(*result));
     return true;
   }
 
   // Get the normalized domain specified in cookie line.
-  // Note: The RFC says we can reject a cookie if the domain
-  // attribute does not start with a dot. IE/FF/Safari however, allow a cookie
-  // of the form domain=my.domain.com, treating it the same as
-  // domain=.my.domain.com -- for compatibility we do the same here.  Firefox
-  // also treats domain=.....my.domain.com like domain=.my.domain.com, but
-  // neither IE nor Safari do this, and we don't either.
   url_canon::CanonHostInfo ignored;
   std::string cookie_domain(CanonicalizeHost(domain_string, &ignored));
   if (cookie_domain.empty())
     return false;
   if (cookie_domain[0] != '.')
     cookie_domain = "." + cookie_domain;
 
   // Ensure |url| and |cookie_domain| have the same domain+registry.
   const std::string url_scheme(url.scheme());
   const std::string url_domain_and_registry(
@@ skipping 1607 matching lines @@
     const std::string::const_iterator& end,
     std::string::const_iterator* value_start,
     std::string::const_iterator* value_end) {
   DCHECK(it && value_start && value_end);
 
   // Seek past any whitespace that might in-between the token and value.
   SeekPast(it, end, kWhitespace);
   // value_start should point at the first character of the value.
   *value_start = *it;
 
-  // It is unclear exactly how quoted string values should be handled.
-  // Major browsers do different things, for example, Firefox supports
-  // semicolons embedded in a quoted value, while IE does not.  Looking at
-  // the specs, RFC 2109 and 2965 allow for a quoted-string as the value.
-  // However, these specs were apparently written after browsers had
-  // implemented cookies, and they seem very distant from the reality of
-  // what is actually implemented and used on the web.  The original spec
-  // from Netscape is possibly what is closest to the cookies used today.
-  // This spec didn't have explicit support for double quoted strings, and
-  // states that ; is not allowed as part of a value.  We had originally
-  // implement the Firefox behavior (A="B;C"; -> A="B;C";).  However, since
-  // there is no standard that makes sense, we decided to follow the behavior
-  // of IE and Safari, which is closer to the original Netscape proposal.
-  // This means that A="B;C" -> A="B;.  This also makes the code much simpler
-  // and reduces the possibility for invalid cookies, where other browsers
-  // like Opera currently reject those invalid cookies (ex A="B" "C";).
-
   // Just look for ';' to terminate ('=' allowed).
   // We can hit the end, maybe they didn't terminate.
   SeekTo(it, end, kValueSeparator);
 
   // Will be pointed at the ; seperator or the end.
   *value_end = *it;
 
   // Ignore any unwanted whitespace after the value.
   if (*value_end != *value_start) {  // Could have an empty value
     --(*value_end);
@@ skipping 317 matching lines @@
 std::string CookieMonster::CanonicalCookie::DebugString() const {
   return base::StringPrintf(
       "name: %s value: %s domain: %s path: %s creation: %"
       PRId64,
       name_.c_str(), value_.c_str(),
       domain_.c_str(), path_.c_str(),
       static_cast<int64>(creation_date_.ToTimeT()));
 }
 
 }  // namespace