aboutsummaryrefslogtreecommitdiff
path: root/tests/data
diff options
context:
space:
mode:
authorYAMADA Yasuharu <yasuharu.yamada@access-company.com>2013-05-18 22:51:31 +0200
committerDaniel Stenberg <daniel@haxx.se>2013-05-18 22:54:48 +0200
commit04f52e9b4db01bcbf672c9c69303a4e4ad0d0fb9 (patch)
tree5289aab301b2404dc8576c219d0c7a5118f91b24 /tests/data
parent100a33f7ff8bd7dec1fe4b50bed57626a86c6b87 (diff)
cookies: only consider full path matches
I found a bug which cURL sends cookies to the path not to aim at. For example: - cURL sends a request to http://example.fake/hoge/ - server returns cookie which with path=/hoge; the point is there is NOT the '/' end of path string. - cURL sends a request to http://example.fake/hogege/ with the cookie. The reason for this old "feature" is because that behavior is what is described in the original netscape cookie spec: http://curl.haxx.se/rfc/cookie_spec.html The current cookie spec (RFC6265) clarifies the situation: http://tools.ietf.org/html/rfc6265#section-5.2.4
Diffstat (limited to 'tests/data')
-rw-r--r--tests/data/Makefile.am1
-rw-r--r--tests/data/test122854
-rw-r--r--tests/data/test468
-rw-r--r--tests/data/test82
4 files changed, 60 insertions, 5 deletions
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 836be0ad7..8ccdb50da 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -93,6 +93,7 @@ test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
test1216 test1217 test1218 test1219 \
test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 \
+test1228 \
\
test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \
test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \
diff --git a/tests/data/test1228 b/tests/data/test1228
new file mode 100644
index 000000000..0a76b878c
--- /dev/null
+++ b/tests/data/test1228
@@ -0,0 +1,54 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+cookies
+cookie path
+</keywords>
+</info>
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Tue, 25 Sep 2001 19:37:44 GMT
+Set-Cookie: path1=root; domain=.example.fake; path=/;
+Set-Cookie: path2=depth1; domain=.example.fake; path=/hoge;
+Content-Length: 34
+
+This server says cookie path test
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP cookie path match
+ </name>
+ <command>
+http://example.fake/hoge/1228 http://example.fake/hogege/ -b nonexisting -x %HOSTIP:%HTTPPORT
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET http://example.fake/hoge/1228 HTTP/1.1
+Host: example.fake
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://example.fake/hogege/ HTTP/1.1
+Host: example.fake
+Accept: */*
+Proxy-Connection: Keep-Alive
+Cookie: path1=root
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test46 b/tests/data/test46
index f73acdee1..b6f8f83ef 100644
--- a/tests/data/test46
+++ b/tests/data/test46
@@ -52,8 +52,8 @@ TZ=GMT
www.fake.come FALSE / FALSE 1022144953 cookiecliente si
www.loser.com FALSE / FALSE 1139150993 UID 99
%HOSTIP FALSE / FALSE 1439150993 mooo indeed
-#HttpOnly_%HOSTIP FALSE /w FALSE 1439150993 mooo2 indeed2
-%HOSTIP FALSE /wa FALSE 0 empty
+#HttpOnly_%HOSTIP FALSE /want FALSE 1439150993 mooo2 indeed2
+%HOSTIP FALSE /want FALSE 0 empty
</file>
</client>
@@ -77,8 +77,8 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed
www.fake.come FALSE / FALSE 1022144953 cookiecliente si
www.loser.com FALSE / FALSE 1139150993 UID 99
%HOSTIP FALSE / FALSE 1439150993 mooo indeed
-#HttpOnly_%HOSTIP FALSE /w FALSE 1439150993 mooo2 indeed2
-%HOSTIP FALSE /wa FALSE 0 empty
+#HttpOnly_%HOSTIP FALSE /want FALSE 1439150993 mooo2 indeed2
+%HOSTIP FALSE /want FALSE 0 empty
%HOSTIP FALSE / FALSE 2054030187 ckyPersistent permanent
%HOSTIP FALSE / FALSE 0 ckySession temporary
%HOSTIP FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ GKNBDIFAAOFDPDAIEAKDIBKE
diff --git a/tests/data/test8 b/tests/data/test8
index c36408ac2..4d5454153 100644
--- a/tests/data/test8
+++ b/tests/data/test8
@@ -59,7 +59,7 @@ perl -e 'if ("%HOSTIP" !~ /\.0\.0\.1$/) {print "Test only works for HOSTIPs endi
GET /we/want/8 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
-Cookie: cookie=perhaps; cookie=yes; partmatch=present; foobar=name; blexp=yesyes
+Cookie: cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes
</protocol>
</verify>