AuroraMiddleware/qt5base-lts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ignore empty domain attribute in cookies

Browse Source 
As recommended by RFC6265.
This fixes the optional-domain0042 test case.

Task-number: QTBUG-15794
Change-Id: I6dd459797afcb52fa2a78437f8481f5abc6f3105
Reviewed-by: Richard J. Moore <rich@kde.org>
This commit is contained in:
Shane Kearns 2012-06-08 17:04:35 +01:00 committed by Qt by Nokia
parent 058fddd1c0
commit cf29b7b967
1 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/network/access/qnetworkcookie.cpp
View File

@ -931,16 +931,25 @@ QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByt
cookie.setExpirationDate(dt);
} else if (field.first == "domain") {
QByteArray rawDomain = field.second;
QString maybeLeadingDot;
if (rawDomain.startsWith('.')) {
maybeLeadingDot = QLatin1Char('.');
rawDomain = rawDomain.mid(1);
}
//empty domain should be ignored (RFC6265 section 5.2.3)
if (!rawDomain.isEmpty()) {
QString maybeLeadingDot;
if (rawDomain.startsWith('.')) {
maybeLeadingDot = QLatin1Char('.');
rawDomain = rawDomain.mid(1);
}
QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
if (normalizedDomain.isEmpty() && !rawDomain.isEmpty())
return result;
cookie.setDomain(maybeLeadingDot + normalizedDomain);
//IDN domains are required by RFC6265, accepting utf8 as well doesn't break any test cases.
QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
if (!normalizedDomain.isEmpty()) {
cookie.setDomain(maybeLeadingDot + normalizedDomain);
} else {
//Normalization fails for malformed domains, e.g. "..example.org", reject the cookie now
//rather than accepting it but never sending it due to domain match failure, as the
//strict reading of RFC6265 would indicate.
return result;
}
}
} else if (field.first == "max-age") {
bool ok = false;
int secs = field.second.toInt(&ok);