emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

url-cookie.el: Deal with wildcard dots in domain values.

From: Diane Murray
Subject: url-cookie.el: Deal with wildcard dots in domain values.
Date: Sun, 01 Apr 2007 02:30:47 +0200 
Wildcard domain values in cookies are not parsed correctly.  For
example, "domain=.gnu.org" (note the dot in front) in a cookie means
to use this cookie with all subdomains of gnu.org as well.  Since it
seems url-cookie.el already handles domains this way, it should also
deal with those dots.  As things work now, all such cookies are
rejected - even when the user wishes to set cookies for that domain.
The following patch fixes this.


2007-04-01  Diane Murray  <address@hidden>

        * url-cookie.el (url-cookie-retrieve, url-cookie-host-can-set-p):
        Deal with wildcard dots in domain values.


*** url-cookie.el       24 Jan 2007 13:01:25 +0100      1.20
--- url-cookie.el       01 Apr 2007 02:17:06 +0200      
***************
*** 272,278 ****
            storage (cdr storage)
            cookies (cdr cur))
        (if (and (car cur)
!              (string-match (concat "^.*" (regexp-quote (car cur)) "$") host))
          ;; The domains match - a possible hit!
          (while cookies
            (setq cur (car cookies)
--- 272,286 ----
            storage (cdr storage)
            cookies (cdr cur))
        (if (and (car cur)
!              (string-match
!                 (concat "^.*"
!                         (regexp-quote
!                          ;; Remove the dot from wildcard domains
!                          ;; before matching.
!                          (if (string= "." (substring (car cur) 0 1))
!                              (substring (car cur) 1 (length (car cur)))
!                            (car cur)))
!                         "$") host))
          ;; The domains match - a possible hit!
          (while cookies
            (setq cur (car cookies)
***************
*** 344,350 ****
       ((>= numdots mindots)            ; We have enough dots in domain name
        ;; Need to check and make sure the host is actually _in_ the
        ;; domain it wants to set a cookie for though.
!       (string-match (concat (regexp-quote domain) "$") host))
       (t
        nil))))
  
--- 352,364 ----
       ((>= numdots mindots)            ; We have enough dots in domain name
        ;; Need to check and make sure the host is actually _in_ the
        ;; domain it wants to set a cookie for though.
!       (string-match (concat (regexp-quote
!                              ;; Remove the dot from wildcard domains
!                              ;; before matching.
!                              (if (string= "." (substring domain 0 1))
!                                  (substring domain 1 (length domain))
!                                domain))
!                             "$") host))
       (t
        nil))))
reply via email to
[Prev in Thread] Current Thread [Next in Thread]