Closed Bug 302836 Opened 19 years ago Closed 19 years ago

nsHttpChannel.cpp: IsValidToken() should reject the empty string

Categories

(Core :: Networking: HTTP, defect)

defect
Not set
minor

Tracking

()

RESOLVED FIXED
mozilla1.8beta4

People

(Reporter: sync2d, Assigned: darin.moz)

Details

Attachments

(1 file, 1 obsolete file)

http://lxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpChannel.cpp#89
// From section 2.2 of RFC 2616, a token is defined as:
//
//   token          = 1*<any CHAR except CTLs or separators>

This comment says that "token" must have at least one character.
However, IsValidToken() returns PR_TRUE for the empty string.

This bug allows something like:
xmlHttpRequest.setRequestHeader("", "header with the empty name");
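
The gap described in this report, as an added example that is not part of the bug report or the Mozilla source: a standalone RFC 2616 section 2.2 token check in which a loop-only validator accepts the empty string and a strict one enforces the "1*" minimum. The function names and the loop-only shape of the lenient check are assumptions made for illustration.

```cpp
// Added example: standalone RFC 2616 section 2.2 token check.
// Function names are hypothetical; this is not the Mozilla source.
#include <cstdio>
#include <cstring>
#include <string>

// separators = ( ) < > @ , ; : \ " / [ ] ? = { } SP HT
static bool is_separator(unsigned char c) {
    return c != '\0' && std::strchr("()<>@,;:\\\"/[]?={} \t", c) != nullptr;
}

// True when c may appear in a token: a CHAR (0-127) that is neither a
// CTL (0-31, 127) nor a separator.
static bool is_token_char(unsigned char c) {
    return c > 31 && c < 127 && !is_separator(c);
}

// Loop-only check (assumed shape of the bug): with no characters to
// reject, the loop body never runs and "" is accepted.
bool is_token_loop_only(const std::string& s) {
    for (unsigned char c : s)
        if (!is_token_char(c)) return false;
    return true;
}

// Enforces the "1*" in the grammar: at least one character is required.
bool is_token(const std::string& s) {
    return !s.empty() && is_token_loop_only(s);
}

int main() {
    // Constructed sample header names, including one with an embedded NUL.
    const std::string samples[] = {"", "X-Custom", "Bad Name", "a:b",
                                   std::string("a\0b", 3)};
    for (const std::string& s : samples)
        std::printf("len=%zu loop_only=%d strict=%d\n", s.size(),
                    is_token_loop_only(s), is_token(s));
    return 0;
}
```
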
Attached patch disallow empty "token" (obsolete)
Reject the empty string (untested two-line fix).
Good catch, and thanks for the patch.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: blocking1.8b4?
Target Milestone: --- → mozilla1.8beta4
Flags: blocking1.8b4? → blocking1.8b4+
Attached patch v1 patch
slight tweak over the submitted patch. biesi: can you please review? sr=me
Attachment #191115 - Attachment is obsolete: true
Attachment #191733 - Flags: superreview+
Attachment #191733 - Flags: review?(cbiesinger)
Comment on attachment 191733 [details] [diff] [review]
v1 patch

r=biesi
Attachment #191733 - Flags: review?(cbiesinger) → review+
Attachment #191733 - Flags: approval1.8b4?
Attachment #191733 - Flags: approval1.8b4? → approval1.8b4+
fixed-on-trunk
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Just a note for anyone who gets here from a false cvsblame bug number (like I), the auto synch stuff is bug 302386.