commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject cvs commit: jakarta-commons/httpclient/src/test/org/apache/commons/httpclient TestCookie.java
Date Tue, 06 Jan 2004 22:10:44 GMT
olegk       2004/01/06 14:10:44

  Modified:    httpclient/src/java/org/apache/commons/httpclient/cookie
                        CookieSpecBase.java
               httpclient/src/test/org/apache/commons/httpclient
                        TestCookie.java
  Log:
  PR #25264 (Cookie rejected)
  
  Fixes the problem that causes rejection of cookies with a domain attribute '.domain.com'
issued by host 'domain.com' in the browser compatibility mode. Even though the cookie violates
the RFC 2109 it still gets accepted by mainstream browsers (tested with Mozilla Firebird and
IE)
  
  Contributed by Oleg Kalnichevski
  
  Revision  Changes    Path
  1.21      +12 -6     jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/cookie/CookieSpecBase.java
  
  Index: CookieSpecBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/cookie/CookieSpecBase.java,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -u -r1.20 -r1.21
  --- CookieSpecBase.java	2 Nov 2003 18:18:30 -0000	1.20
  +++ CookieSpecBase.java	6 Jan 2004 22:10:44 -0000	1.21
  @@ -428,9 +428,15 @@
   
               // domain must match host
               if (!host.endsWith(cookie.getDomain())) {
  -                throw new MalformedCookieException(
  -                    "Illegal domain attribute \"" + cookie.getDomain() 
  -                    + "\". Domain of origin: \"" + host + "\"");
  +                String s = cookie.getDomain();
  +                if (s.startsWith(".")) {
  +                    s = s.substring(1, s.length());
  +                }
  +                if (!host.equals(s)) { 
  +                    throw new MalformedCookieException(
  +                        "Illegal domain attribute \"" + cookie.getDomain() 
  +                        + "\". Domain of origin: \"" + host + "\"");
  +                }
               }
           } else {
               if (!host.equals(cookie.getDomain())) {
  
  
  
  1.27      +28 -4     jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestCookie.java
  
  Index: TestCookie.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestCookie.java,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- TestCookie.java	2 Nov 2003 18:18:30 -0000	1.26
  +++ TestCookie.java	6 Jan 2004 22:10:44 -0000	1.27
  @@ -1048,5 +1048,29 @@
           assertEquals("b,c", cookies[0].getValue());
       }
   
  +    
  +    /**
  +     * Tests if that invalid second domain level cookie gets 
  +     * rejected in the strict mode, but gets accepted in the
  +     * browser compatibility mode.
  +     */
  +    public void testSecondDomainLevelCookie() throws Exception {
  +        Cookie cookie = new Cookie(".sourceforge.net", "name", null, "/", null, false);

  +        cookie.setDomainAttributeSpecified(true);
  +        cookie.setPathAttributeSpecified(true);
  +
  +        CookieSpec parser = null;
  +
  +        parser = CookiePolicy.getCookieSpec(CookiePolicy.BROWSER_COMPATIBILITY);
  +        parser.validate("sourceforge.net", 80, "/", false, cookie);
  +
  +        parser = CookiePolicy.getCookieSpec(CookiePolicy.RFC_2109);
  +        try {
  +            parser.validate("sourceforge.net", 80, "/", false, cookie);
  +            fail("MalformedCookieException should have been thrown");
  +        } catch (MalformedCookieException e) {
  +            // Expected
  +        }
  +    }
   }
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message