r3637 jmb - /trunk/netsurf/content/urldb.c
netsurf at semichrome.net
Tue Oct 30 23:19:06 GMT 2007
Author: jmb
Date: Tue Oct 30 23:19:03 2007
New Revision: 3637
URL: http://source.netsurf-browser.org?rev=3637&view=rev
Log:
Work around sites sending domain cookies for .foo.com from hosts such as bar.bat.foo.com, then expecting domain matching to succeed. This causes me pain.
Modified:
trunk/netsurf/content/urldb.c
Modified: trunk/netsurf/content/urldb.c
URL: http://source.netsurf-browser.org/trunk/netsurf/content/urldb.c?rev=3637&r1=3636&r2=3637&view=diff
==============================================================================
--- trunk/netsurf/content/urldb.c (original)
+++ trunk/netsurf/content/urldb.c Tue Oct 30 23:19:03 2007
@@ -2751,12 +2751,27 @@
goto error;
}
- /* 4.3.2:iv Ensure H contains no dots */
- for (int i = 0; i < (hlen - dlen); i++)
- if (host[i] == '.') {
- urldb_free_cookie(c);
- goto error;
+ /* If you believe the spec, H should contain no
+ * dots in _any_ cookie. Unfortunately, however,
+ * reality differs in that many sites send domain
+ * cookies of the form .foo.com from hosts such
+ * as bar.bat.foo.com and then expect domain
+ * matching to work. Thus we have to do what they
+ * expect, regardless of any potential security
+ * implications.
+ *
+ * Ensure that we're dealing with a domain cookie
+ * here for extra paranoia.
+ */
+ if (c->domain[0] != '.') {
+ /* 4.3.2:iv Ensure H contains no dots */
+ for (int i = 0; i < (hlen - dlen); i++) {
+ if (host[i] == '.') {
+ urldb_free_cookie(c);
+ goto error;
+ }
}
+ }
}
/* Now insert into database */
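Review bot: The new comment above `if (c->domain[0] != '.')` mentions "any potential security implications" without saying what they are, and the next maintainer will need that to judge whether the workaround can be narrowed. With this guard the 4.3.2:iv loop runs only for domains that lack a leading dot, so every dot-prefixed domain is now accepted from a host any number of labels below it, and a cookie set by bar.bat.foo.com for .foo.com becomes available to every other host under foo.com. Please state that consequence in the comment, and name the earlier check in this function that is relied on to reject a Domain value that is too broad for the host, since none is visible in this hunk and this branch no longer limits how far up the hierarchy a host can reach.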