Closed
Bug 536514
Opened 15 years ago
Closed 15 years ago
Treat leading and trailing "."s in Domain attributes like other browsers
Categories
(Core :: Networking: Cookies, defect)
Core
Networking: Cookies
Tracking
()
RESOLVED
FIXED
People
(Reporter: abarth-mozilla, Assigned: abarth-mozilla)
Details
Attachments
(1 file)
3.82 KB,
patch
|
dwitte
:
review+
|
Details | Diff | Splinter Review |
== Extra leading and trailing "." in domain attribute == * Set-Cookie: foo=bar; domain=..home.example.org http://home.example.org:8888/cookie-parser?domain0010: FAIL (Every browser tolerates a single leading "." character.) Expected behavior: The cookie is not sent Passing browsers: IE, Safari, Chrome, Opera Failing browsers: Firefox * Set-Cookie: foo=bar; domain=home.example.org. http://home.example.org:8888/cookie-parser?domain0014: FAIL Expected behavior: The cookie is not sent Passing browsers: IE, Chrome, Opera Failing browsers: Firefox, Safari * Set-Cookie: foo=bar; domain=home.example.org.. http://home.example.org:8888/cookie-parser?domain0015: FAIL Expected behavior: The cookie is not sent Passing browsers: IE, Safari, Chrome, Opera Failing browsers: Firefox Recommendation: Change Firefox to match the other browsers
Assignee | ||
Comment 1•15 years ago
|
||
Here's a patch that fixes the bug, complete with test.
Attachment #418970 -
Flags: superreview?(dwitte)
Attachment #418970 -
Flags: review?(dwitte)
Comment 2•15 years ago
|
||
Comment on attachment 418970 [details] [diff] [review] patch with test Awesome. r=me is sufficient here; I'll roll this past tryserver and land it. On a somewhat unrelated topic: if you want another test to add, how about UTF8/IDN tests for hostnames (both as the host setting or getting the cookie, and the 'domain' attribute)? We do normalize URI hostnames to IDN, but we don't normalize the 'domain' attribute, so if it's not IDN then things won't work.
Attachment #418970 -
Flags: superreview?(dwitte)
Attachment #418970 -
Flags: review?(dwitte)
Attachment #418970 -
Flags: review+
Assignee | ||
Comment 3•15 years ago
|
||
Thanks for the review. I'll write some IDN tests. Are there any in TestCookie that I should start from?
Comment 4•15 years ago
|
||
Nope. :( There are some in netwerk/test/unit/test_bug368702.js (for the eTLD service), and test_idnservice.js. You could use that as a starting point. At some point, we should add some proper xpcshell tests in netwerk/test/unit.
Comment 5•15 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/54a3a5a3fc60
Assignee: nobody → abarth-mozilla
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•