Closed Bug 484704 Opened 15 years ago Closed 15 years ago

Cookies for http://example.com/ are also sent to http://example.com:4242/

Categories

(Firefox :: Security, defect)

defect
Not set
normal


VERIFIED DUPLICATE of bug 469287

People

(Reporter: delroth, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.7) Gecko/2009030719 GranParadiso/3.0.7
Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.7) Gecko/2009030719 GranParadiso/3.0.7

It seems that the cookies created by a website using, for example, the domain example.com are also transmitted to example.com:4242 (replace 4242 with any port number).

RFC 2965 states:
>   Port    The default behavior is that a cookie MAY be returned to any
>           request-port.

I think this could lead to security problems with cookie stealing, for example on mass virtual hosting where someone could open a server on port 8080 and still get cookies targeted to the website running on port 80.

Reproducible: Always

Steps to Reproduce:
1. Make a website running on yourserver:X (X being the port) send a cookie to Firefox
2. Open a netcat listening on port Y on yourserver
3. Connect to yourserver:Y with Firefox
Actual Results:  
The cookies for yourserver:X are being transmitted to yourserver:Y.

Expected Results:  
I guess two sites running on distinct port numbers should be treated as different websites.
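The reproduction steps above need a browser and two listening ports. The same behaviour can be checked offline against Python's http.cookiejar, whose DefaultCookiePolicy follows the RFC 2965 default the report quotes: a cookie that carries no Port attribute is returned to any port on the matching host. This is an added example, not code from the bug report or from Firefox; the host name, the cookie value and the PortIsolatingPolicy class are constructed for illustration and are not part of the original page. The second jar shows what the reporter's expected behaviour looks like in a cookie-jar policy: pin each accepted cookie to the port of the request that set it, so the stock per-port check refuses to send it anywhere else on that host.

```python
"""Cookie port isolation: the default jar policy versus a port-pinning policy."""
import email.message
import http.cookiejar
import urllib.request


class FakeResponse:
    # Minimal stand-in for the response object CookieJar.extract_cookies() reads:
    # it only needs .info() to return something with get_all(). No socket is opened,
    # so this runs offline (constructed for this example).
    def __init__(self, headers):
        self._msg = email.message.Message()
        for name, value in headers:
            self._msg.add_header(name, value)

    def info(self):
        return self._msg


class PortIsolatingPolicy(http.cookiejar.DefaultCookiePolicy):
    """Treat (host, port) as the cookie boundary, which RFC 2965 does not by default.

    Hypothetical policy for this example: when a cookie is accepted, pin it to the
    port of the request that set it, as if the server had sent an RFC 2965 Port
    attribute. The stock return_ok_port() check then refuses to attach it to a
    request for any other port on the same host.
    """

    def set_ok(self, cookie, request):
        ok = super().set_ok(cookie, request)
        if ok and not cookie.port_specified:
            # request_port() returns the port as a string ("80" for a bare http URL).
            cookie.port = http.cookiejar.request_port(request) or "80"
            cookie.port_specified = True
        return ok


def cookie_header_for(jar, url):
    """Return the Cookie header the jar would attach to a request for url, or None."""
    req = urllib.request.Request(url)
    jar.add_cookie_header(req)
    return req.get_header("Cookie")


def port_isolation_demo(origin_url, other_url, policy=None):
    """Set a session cookie from origin_url, then report what each URL would receive."""
    jar = http.cookiejar.CookieJar(policy)
    # Constructed Set-Cookie response standing in for step 1 of the reproduction.
    jar.extract_cookies(FakeResponse([("Set-Cookie", "session=abc123; Path=/")]),
                        urllib.request.Request(origin_url))
    return cookie_header_for(jar, origin_url), cookie_header_for(jar, other_url)


if __name__ == "__main__":
    origin, other = "http://example.com/", "http://example.com:4242/"
    print("default policy :", port_isolation_demo(origin, other))
    print("port-isolating :", port_isolation_demo(origin, other, PortIsolatingPolicy()))
```

With the default policy both URLs receive `session=abc123`, which is the leak the report describes; with PortIsolatingPolicy only the port that set the cookie gets it back. Pinning happens on the client side only, so it protects a jar you control, not a browser that follows the RFC default.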

Dupe of bug 469287, bug 227475, bug 189784, etc.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED