hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (HTTPCLIENT-1043) BasicPathHandler match bug
Date Fri, 14 Jan 2011 14:47:46 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1043?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Oleg Kalnichevski resolved HTTPCLIENT-1043.
-------------------------------------------

       Resolution: Invalid
    Fix Version/s:     (was: 4.1.0)
                       (was: Future)

RFC 2965 [1]

---
1.  TERMINOLOGY
...

   For two strings that represent paths, P1 and P2, P1 path-matches P2
   if P2 is a prefix of P1 (including the case where P1 and P2 string-
   compare equal).  Thus, the string /tec/waldo path-matches /tec.

---

---
   3.3.2  Rejecting Cookies  
...

   A user agent rejects (SHALL NOT store its information) if the Version
   attribute is missing.  Moreover, a user agent rejects (SHALL NOT
   store its information) if any of the following is true of the
   attributes explicitly present in the Set-Cookie2 response header:

      *  The value for the Path attribute is not a prefix of the
         request-URI.
...
---

[1] http://www.faqs.org/rfcs/rfc2965.html

> BasicPathHandler match bug
> --------------------------
>
>                 Key: HTTPCLIENT-1043
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1043
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpCookie
>    Affects Versions: 4.0.1, 4.0.2, 4.0.3, 4.1 Alpha1, 4.1 Alpha2, 4.1 Beta1
>            Reporter: Dmitry Grytsovets
>            Priority: Minor
>
> in BasicPathHandler
>    boolean match = targetpath.startsWith (topmostPath);
>         // if there is a match and these values are not exactly the same we have
>         // to make sure we're not matcing "/foobar" and "/foo"
>         if (match && targetpath.length() != topmostPath.length()) {
>             if (!topmostPath.endsWith("/")) {
>                 match = (targetpath.charAt(topmostPath.length()) == '/');
>             }
>         }
> must be changed to
>    boolean match = topmostPath.startsWith (targetpath);
>         // if there is a match and these values are not exactly the same we have
>         // to make sure we're not matcing "/foobar" and "/foo"
>         if (match && targetpath.length() != topmostPath.length()) {
>             if (!targetPath.endsWith("/")) {
>                 match = (topmostPath.charAt(targetpath.length()-1) == '/');
>             }
>         }
> example 
> targetpath = "/stat/" // where are you
> topmostPath  = "/stat/domain.tld/" // cookie for path

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message