Bug 484704 - Cookies for http://example.com/ are also sent to http://example.com:4242/
Status: Closed, VERIFIED DUPLICATE of bug 469287
Opened 15 years ago, closed 15 years ago
Categories: Firefox :: Security, defect
Reporter: delroth; Unassigned
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.7) Gecko/2009030719 GranParadiso/3.0.7
Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.7) Gecko/2009030719 GranParadiso/3.0.7
It seems that the cookies created by a website using for example the domain example.com are also transmitted to example.com:4242 (replace 4242 by any port number).
RFC 2965 states:
> Port The default behavior is that a cookie MAY be returned to any
> request-port.
I think this could lead to security problems with cookie stealing, for example on mass virtual hosting where someone could open a server on port 8080 and still get cookies targeted to the website running on port 80.
Reproducible: Always
Steps to Reproduce:
1. Make a website running on yourserver:X (X being the port) send a cookie to Firefox
2. Open a netcat listening on port Y on yourserver
3. Connect to yourserver:Y with Firefox
Actual Results:
The cookies for yourserver:X are being transmitted to yourserver:Y.
Expected Results:
I guess two sites running on distinct port numbers should be treated as different websites.
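To make the matching rule concrete, here is an added example (not code from Firefox or from this report) implementing the cookie-selection rules of RFC 6265, which superseded RFC 2965 and keeps the behaviour described above: a cookie's scope is host, path and the Secure flag, never the port. The jar contents are constructed for the demonstration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Cookie:
    name: str
    value: str
    domain: str       # stored lowercase without a leading dot
    path: str
    host_only: bool   # True when Set-Cookie carried no Domain attribute
    secure: bool = False


def domain_matches(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 section 5.1.3 domain-matching; no port is involved."""
    request_host, cookie_domain = request_host.lower(), cookie_domain.lower()
    if request_host == cookie_domain:
        return True
    is_ip = all(p.isdigit() for p in request_host.split("."))
    return request_host.endswith("." + cookie_domain) and not is_ip


def path_matches(request_path: str, cookie_path: str) -> bool:
    """RFC 6265 section 5.1.4 path-matching."""
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"


def cookies_for(url: str, jar) -> list:
    """Cookies a user agent attaches to a request for url (RFC 6265 5.4).
    Only scheme (for Secure), host and path are consulted; the port is
    parsed but ignored, which is the behaviour the report describes."""
    parts = urlsplit(url)
    host, path = (parts.hostname or "").lower(), parts.path or "/"
    chosen = []
    for c in jar:
        if c.host_only and host != c.domain:
            continue
        if not c.host_only and not domain_matches(host, c.domain):
            continue
        if not path_matches(path, c.path) or (c.secure and parts.scheme != "https"):
            continue
        chosen.append(c)
    return chosen


# Constructed jar: a host-only session cookie set by http://example.com/ (port 80)
# and a domain-wide Secure preference cookie.
JAR = [Cookie("sid", "abc123", "example.com", "/", host_only=True),
       Cookie("pref", "dark", "example.com", "/", host_only=False, secure=True)]
```

For a site operator the practical consequence is that services which must not share cookies need distinct hostnames (or host-only cookies on distinct hosts), because a different port on the same host provides no isolation.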
Comment 1 • 15 years ago
Dupe of bug 469287, bug 227475, bug 189784, etc.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE