diff options
author | John Mark Bell <jmb@netsurf-browser.org> | 2007-10-30 23:19:03 +0000 |
---|---|---|
committer | John Mark Bell <jmb@netsurf-browser.org> | 2007-10-30 23:19:03 +0000 |
commit | d1bf94dc4d647f70139a086b976e5d7a57d79a1c (patch) | |
tree | c508134a0c0ef997cd6140da400f01e29e5d2035 | |
parent | d8b810b46ba2495c42f8c855b05760d07c3c63f5 (diff) | |
download | netsurf-d1bf94dc4d647f70139a086b976e5d7a57d79a1c.tar.gz netsurf-d1bf94dc4d647f70139a086b976e5d7a57d79a1c.tar.bz2 |
Work around sites sending domain cookies for .foo.com from hosts such as bar.bat.foo.com, then expecting domain matching to succeed. This causes me pain.
svn path=/trunk/netsurf/; revision=3637
-rw-r--r-- | content/urldb.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/content/urldb.c b/content/urldb.c index 0556bec5b..642428912 100644 --- a/content/urldb.c +++ b/content/urldb.c @@ -2751,12 +2751,27 @@ bool urldb_set_cookie(const char *header, const char *url, goto error; } - /* 4.3.2:iv Ensure H contains no dots */ - for (int i = 0; i < (hlen - dlen); i++) - if (host[i] == '.') { - urldb_free_cookie(c); - goto error; + /* If you believe the spec, H should contain no + * dots in _any_ cookie. Unfortunately, however, + * reality differs in that many sites send domain + * cookies of the form .foo.com from hosts such + * as bar.bat.foo.com and then expect domain + * matching to work. Thus we have to do what they + * expect, regardless of any potential security + * implications. + * + * Ensure that we're dealing with a domain cookie + * here for extra paranoia. + */ + if (c->domain[0] != '.') { + /* 4.3.2:iv Ensure H contains no dots */ + for (int i = 0; i < (hlen - dlen); i++) { + if (host[i] == '.') { + urldb_free_cookie(c); + goto error; + } } + } } /* Now insert into database */ |