From 780652e5b695ba2e85cfbefedf80ec1f5e951798 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 4 Oct 2003 15:48:15 +0000
Subject: [PATCH] Vincent Bronner pointed out that if you set CURLOPT_COOKIE to
 NULL, it still sends off the previously set cookie. This also concerns
 CURLOPT_REFERER. This fix should stop this.

---
 lib/http.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/lib/http.c b/lib/http.c
index 5195122a8c..e0a280e289 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1053,16 +1053,17 @@ CURLcode Curl_http(struct connectdata *conn)
   if(result)
     return result;
 
-  if((data->change.referer) && !checkheaders(data, "Referer:")) {
-    if(conn->allocptr.ref)
-      free(conn->allocptr.ref);
+  Curl_safefree(conn->allocptr.ref);
+  if(data->change.referer && !checkheaders(data, "Referer:"))
     conn->allocptr.ref = aprintf("Referer: %s\015\012", data->change.referer);
-  }
-  if(data->set.cookie && !checkheaders(data, "Cookie:")) {
-    if(conn->allocptr.cookie)
-      free(conn->allocptr.cookie);
+  else
+    conn->allocptr.ref = NULL;
+
+  Curl_safefree(conn->allocptr.cookie);
+  if(data->set.cookie && !checkheaders(data, "Cookie:"))
     conn->allocptr.cookie = aprintf("Cookie: %s\015\012", data->set.cookie);
-  }
+  else
+    conn->allocptr.cookie = NULL;
 
   if(!conn->bits.upload_chunky && (data->set.httpreq != HTTPREQ_GET)) {
     /* not a chunky transfer but data is to be sent */
-- 
GitLab