Inconsistent path matching for cookie path prefixes




11 years ago
11 months ago


(Reporter: webreg, Unassigned)


Firefox Tracking Flags

(Not tracked)


(Whiteboard: [necko-backlog])


(1 attachment)



11 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv: Gecko/20071127 Firefox/
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv: Gecko/20071127 Firefox/

Assume a URL that sets a cookie with the path /foo. The cookie is accepted, since /fooBar and /foo path-match as of RFC 2965 paragraph 1.
The cookie is properly sent back to the server when accessing /foo, /foo/, /foo/bar, /foo/bar/... etc. Although it seems the cookie is NOT sent to the server when accessing /fooBar again, even though it should as of my understanding of paragraph 3.3.4 of the RFC.
I have confirmed the problem is in the browser rather than the server using FireBug + Web Developer plugins.

Reproducible: Always

Steps to Reproduce:
1. Make request to /fooBar
2. /fooBar sets cookie with path /foo which is accepted.
3. Make request to /fooBar again. Cookie is not sent.
Actual Results:  
Cookie with path-matching path is not sent. Firefox seems to assume the path must actually be a path, and the requested URI may not be a "sibling" to the cookie path.

Expected Results:  
Cookies with path-matching according to RFC 2965 should be sent. "For two strings that represent paths, P1 and P2, P1 path-matches P2 if P2 is a prefix of P1 (including the case where P1 and P2 string-compare equal)."

Comment 1

11 years ago
By the way, Internet Explorer 6 and Opera 9 behave as expected.

Comment 2

11 years ago
sounds like a core bug.
Component: General → Networking: Cookies
Product: Firefox → Core
QA Contact: general → networking.cookies

Comment 3

11 years ago
do you also see this on trunk (firefox 3 beta), or have you only tested branch?

regardless, the code for path matching hasn't changed in a long time:

we do a substring match, per spec, so something nonobvious is going on here. can you create a cookie log (instructions at, demonstrating the problem, and attach it here?


11 years ago
Summary: Inconsisten path matching for cookie path prefixes → Inconsistent path matching for cookie path prefixes

Comment 4

11 years ago
Created attachment 303974 [details]
Cookie log

Cookie log attached.
Also tested FF 3b3; same problem.

Comment 5

6 years ago
According to RFC 6265 [1] section 5.1.4 cookies with /foo as path don't match the request URL /fooBar.

The expected behavior is described in the test case for the Firebug issue 5591 [2].

To summarize:
Making a request to would result in the following:

cookie-path        matches according to RFC 6265?   matches in FF 16.0a1?
/fooBar            yes                              yes
/fooBar/           yes                              yes
/fooBar/my         no                               no
/fooBar/myScript   yes                              yes
/fooBar/myScript/  no                               yes


Whiteboard: [necko-backlog]
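
The two matching rules discussed in this bug, side by side, as an added example that is not part of the bug report and not Firefox's code: the RFC 2965 prefix rule quoted in the report and the RFC 6265 section 5.1.4 rule cited in comment 5. The function names and the sample path list are assumptions made for the example; the paths /foo and /fooBar come from the report.

```javascript
// Added example (not Firefox code). Function names are hypothetical.

// RFC 2965 as quoted in the report: P1 path-matches P2 if P2 is a
// prefix of P1, including the case where the two strings are equal.
function prefixMatch(requestPath, cookiePath) {
  return requestPath.startsWith(cookiePath);
}

// RFC 6265 section 5.1.4: the request-path matches the cookie-path if
//   1. they are identical, or
//   2. cookie-path is a prefix and its last character is "/", or
//   3. cookie-path is a prefix and the first request-path character
//      after the prefix is "/".
function pathMatch6265(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  if (cookiePath.endsWith("/")) return true;
  return requestPath.charAt(cookiePath.length) === "/";
}

// Request paths on which the two rules give different answers, i.e.
// where a cookie scoped to cookiePath would reach a "sibling" path
// under the older rule but not under RFC 6265.
function disagreements(cookiePath, requestPaths) {
  return requestPaths.filter(
    (p) => prefixMatch(p, cookiePath) !== pathMatch6265(p, cookiePath)
  );
}

// Constructed sample input: /foo and /fooBar are the paths from the
// report, the others are added for contrast.
const samplePaths = ["/foo", "/foo/", "/foo/bar", "/fooBar", "/fo", "/"];

for (const p of samplePaths) {
  console.log(
    p.padEnd(10),
    "RFC 2965:", prefixMatch(p, "/foo"),
    "RFC 6265:", pathMatch6265(p, "/foo")
  );
}
console.log("rules disagree on:", disagreements("/foo", samplePaths));
```
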