| field | value | date |
|---|---|---|
| author | Daniel Stenberg <daniel@haxx.se> | 2016-03-10 11:20:56 +0100 |
| committer | Daniel Stenberg <daniel@haxx.se> | 2016-03-10 11:26:12 +0100 |
| commit | 7f7fcd0d756416b0a146b6f34a899e59456b2c17 (patch) | |
| tree | 2bff1f9a5d478722dfc7caca1ed0260378482a3b | |
| parent | 4d4ce84bb3eccbf9c249f1a43fa79fb9ba14a29b (diff) | |
cookies: first n/v pair in Set-Cookie: is the cookie, then parameters
RFC 6265 section 4.1.1 spells out that the first name/value pair in the
header is the actual cookie name and content, while the following are
the parameters.
libcurl previously had a more liberal approach which causes significant
problems when introducing new cookie parameters, like the suggested new
cookie priority draft.
The previous logic read all n/v pairs from left-to-right and the first
name used that wasn't a known parameter name would be used as the
cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be
a cookie named 'person' while an RFC 6265 compliant parser should
consider that to be a cookie named 'Max-Age' with an (unknown) parameter
'person'.
Fixes #709
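As an added example (not curl's code), the RFC 6265 section 4.1.1 rule the commit message describes, written out as a small stand-alone parser for a Set-Cookie header value: the first name=value pair is always the cookie whatever it is called, every later pair is an attribute, and an unrecognised attribute such as `person` is ignored rather than promoted to cookie name. `struct cookie`, `parse_set_cookie()`, `trim()` and `ieq()` are assumed names for this example.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#define MAXLEN 256
/* Parsed Set-Cookie value; assumed struct for this example, not curl's. */
struct cookie {
  char name[MAXLEN], value[MAXLEN], domain[MAXLEN], path[MAXLEN];
  long max_age;   /* -1 when the attribute is absent */
  int unknown;    /* attributes this parser does not recognise */
};
/* Trim surrounding whitespace in place and return the new start. */
static char *trim(char *s)
{
  char *e = s + strlen(s);
  while(e > s && isspace((unsigned char)e[-1])) *--e = '\0';
  while(isspace((unsigned char)*s)) s++;
  return s;
}
/* Attribute names are case-insensitive per RFC 6265. */
static int ieq(const char *a, const char *b)
{
  for(; *a && *b; a++, b++)
    if(tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
  return *a == *b;
}
/* RFC 6265 section 4.1.1: the FIRST name=value pair is the cookie whatever it
   is called; every later pair is an attribute. Takes the text after the
   "Set-Cookie:" field name. Returns 1 on success, 0 if no name=value leads. */
int parse_set_cookie(const char *value, struct cookie *c)
{
  char buf[1024], *tok;
  memset(c, 0, sizeof(*c)); c->max_age = -1;
  strncpy(buf, value, sizeof(buf) - 1); buf[sizeof(buf) - 1] = '\0';
  for(tok = strtok(buf, ";"); tok; tok = strtok(NULL, ";")) {
    char *eq = strchr(tok, '='), *name, *val = "";
    if(eq) { *eq = '\0'; val = trim(eq + 1); }
    name = trim(tok);
    if(!c->name[0]) {            /* the cookie itself, even if named Max-Age */
      if(!eq || !*name) return 0;
      strncpy(c->name, name, MAXLEN - 1);
      strncpy(c->value, val, MAXLEN - 1);
    }
    else if(ieq(name, "Max-Age")) c->max_age = atol(val);
    else if(ieq(name, "Domain")) strncpy(c->domain, val, MAXLEN - 1);
    else if(ieq(name, "Path")) strncpy(c->path, val, MAXLEN - 1);
    else if(*name) c->unknown++;  /* e.g. "person=daniel" after "Max-Age=2" */
  }
  return c->name[0] != '\0';
}
```

With this rule, `Max-Age=2; person=daniel` yields a cookie named `Max-Age` with value `2` and one ignored attribute, which is the outcome the commit message says a compliant parser must produce.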
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | lib/cookie.c | 19 |
| -rw-r--r-- | tests/data/test1218 | 2 |
| -rw-r--r-- | tests/data/test27 | 2 |

3 files changed, 12 insertions, 11 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index de871b75e..1f2239242 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -456,7 +456,16 @@ Curl_cookie_add(struct SessionHandle *data, while(*whatptr && ISBLANK(*whatptr)) whatptr++; - if(!len) { + if(!co->name && sep) { + /* The very first name/value pair is the actual cookie name */ + co->name = strdup(name); + co->value = strdup(whatptr); + if(!co->name || !co->value) { + badcookie = TRUE; + break; + } + } + else if(!len) { /* this was a "<name>=" with no content, and we must allow 'secure' and 'httponly' specified this weirdly */ done = TRUE; @@ -550,14 +559,6 @@ Curl_cookie_add(struct SessionHandle *data, break; } } - else if(!co->name) { - co->name = strdup(name); - co->value = strdup(whatptr); - if(!co->name || !co->value) { - badcookie = TRUE; - break; - } - } /* else this is the second (or more) name we don't know about! */ diff --git a/tests/data/test1218 b/tests/data/test1218 index ee18cb528..9c2fc0389 100644 --- a/tests/data/test1218 +++ b/tests/data/test1218 @@ -14,7 +14,7 @@ cookies <data> HTTP/1.1 200 OK Date: Tue, 25 Sep 2001 19:37:44 GMT -Set-Cookie: domain=.example.fake; bug=fixed; +Set-Cookie: bug=fixed; domain=.example.fake; Content-Length: 21
This server says moo diff --git a/tests/data/test27 b/tests/data/test27 index 5ae2ffd4f..6fed3d994 100644 --- a/tests/data/test27 +++ b/tests/data/test27 @@ -11,7 +11,7 @@ cookies <data> HTTP/1.1 200 Mooo swsclose Connection: close -Set-Cookie: path=/; thewinneris=nowayyouwin; +Set-Cookie: thewinneris=nowayyouwin; path=/; Content-Length: 8 *flopp* |
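Review bot: in the `@@ -456,7 +456,16 @@` hunk of lib/cookie.c, the new branch `if(!co->name && sep)` at the top of the chain requires `sep`, which the removed fallback `else if(!co->name)` at the bottom did not; a leading name without '=' therefore no longer becomes the cookie name and instead falls into the `else if(!len)` and keyword branches below. If that is intended (RFC 6265 expects a name=value pair first), state it in the commit message and cover it with a test, since the message only discusses the `Max-Age=2; person=daniel` ordering. The strdup failure path (`badcookie = TRUE; break;`) is carried over unchanged, which is fine.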
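Review bot: in the `@@ -550,14 +559,6 @@` hunk, removing the `else if(!co->name)` fallback leaves the comment `/* else this is the second (or more) name we don't know about! */` directly after the last keyword branch, where it no longer pairs with any name-setting code. Reword it to say that any name not matched above is an unknown attribute that is ignored because the cookie name was already taken from the first pair at the top of the chain.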
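Review bot: the tests/data/test1218 and tests/data/test27 hunks only reorder the headers into the RFC-compliant form (`bug=fixed; domain=.example.fake;` and `thewinneris=nowayyouwin; path=/;`), so the suite keeps passing but nothing pins the new behaviour. Add a case using the old ordering (for example `domain=.example.fake; bug=fixed;`, or the `Max-Age=2; person=daniel` header from the commit message) and check that the stored cookie is named `domain` or `Max-Age` and that the trailing pair is ignored, so a regression back to the liberal parsing is caught.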