Closed
Bug 302836
Opened 19 years ago
Closed 19 years ago
nsHttpChannel.cpp: IsValidToken() should reject the empty string
Categories
(Core :: Networking: HTTP, defect)
Core
Networking: HTTP
Tracking
()
RESOLVED
FIXED
mozilla1.8beta4
People
(Reporter: sync2d, Assigned: darin.moz)
Details
Attachments
(1 file, 1 obsolete file)
1.06 KB,
patch
|
Biesinger
:
review+
darin.moz
:
superreview+
benjamin
:
approval1.8b4+
|
Details | Diff | Splinter Review |
http://lxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpChannel.cpp#89 // From section 2.2 of RFC 2616, a token is defined as: // // token = 1*<any CHAR except CTLs or separators> This comment says that "token" must have at least one character. However, IsValidToken() returns PR_TRUE for the empty string. This bug allows something like: xmlHttpRequest.setRequestHeader("", "header with the empty name");
Assignee | ||
Comment 2•19 years ago
|
||
Good catch, and thanks for the patch.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: blocking1.8b4?
Target Milestone: --- → mozilla1.8beta4
Updated•19 years ago
|
Flags: blocking1.8b4? → blocking1.8b4+
Assignee | ||
Comment 3•19 years ago
|
||
slight tweak over the submitted patch. biesi: can you please review? sr=me
Attachment #191115 -
Attachment is obsolete: true
Attachment #191733 -
Flags: superreview+
Attachment #191733 -
Flags: review?(cbiesinger)
Comment 4•19 years ago
|
||
Comment on attachment 191733 [details] [diff] [review] v1 patch r=biesi
Attachment #191733 -
Flags: review?(cbiesinger) → review+
Assignee | ||
Updated•19 years ago
|
Attachment #191733 -
Flags: approval1.8b4?
Updated•19 years ago
|
Attachment #191733 -
Flags: approval1.8b4? → approval1.8b4+
Assignee | ||
Comment 5•19 years ago
|
||
fixed-on-trunk
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Comment 6•17 years ago
|
||
Just a note for anyone who gets here from a false cvsblame bug number (like I), the auto synch stuff is bug 302386.
You need to log in
before you can comment on or make changes to this bug.
Description
•