From kfm-devel Thu Aug 31 05:41:09 2000 From: Dawit Alemayehu Date: Thu, 31 Aug 2000 05:41:09 +0000 To: kfm-devel Subject: PATCH: Minor Cookiejar corrections X-MARC-Message: https://marc.info/?l=kfm-devel&m=96770138009971 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD" --Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD Content-Type: text/plain Content-Transfer-Encoding: 8bit Hi (Waldo), Patch below to address a two minor and one important issue: - Changed if (strncasecmp(cookieStr, "Set-Cookie: ", 12) == 0) to if (strncasecmp(cookieStr, "Set-Cookie:", 11) == 0) to be a bit more tolerant to brain dead servers :)) - Remove the check for "Set-Cookie2". What is that ???? IMHO it is really taking unecessary space and should be removed. - Fix ::extractDomain to handle same URLs like "linuxtoday.com" & "www.linuxtoday.com" correctly. Right now a ::findCookie(...) would fail for either if the other set the cookie... Regards, Dawit A. --Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD Content-Type: text/x-java; name="kcookiejar.diff" Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="kcookiejar.diff" Issuing: cvs diff kcookiejar.cpp kcookiejar.desktop kcookiejar.h Index: kcookiejar.cpp =================================================================== RCS file: /home/kde/kdelibs/kio/http/kcookiejar/kcookiejar.cpp,v retrieving revision 1.24 diff -u -r1.24 kcookiejar.cpp --- kcookiejar.cpp 2000/08/30 19:38:28 1.24 +++ kcookiejar.cpp 2000/08/31 05:54:13 @@ -456,9 +456,14 @@ _domains.append(domain); partList.remove(partList.begin()); // Remove part } - - if (_domains.isEmpty()) // If we have no domains, use the fqdn only. - _domains.append(_fqdn); + // If we have no domains, use the fqdn only. + // Do not forget to append a preceeding ".". Otherwise, + // there will be an incorrect mis-match when checking for + // cookies under some circumstances. For example, a cookie + // set by "linuxtoday.com" won't be avaliable to "www.linuxtoday.com" + // and vise-versa. + if (_domains.isEmpty()) + _domains.append( "." + _fqdn); return true; } @@ -492,12 +497,12 @@ for(;;) { // check for "Set-Cookie" - if (strncasecmp(cookieStr, "Set-Cookie: ", 12) == 0) + if (strncasecmp(cookieStr, "Set-Cookie:", 11) == 0) { - cookieStr = parseNameValue(cookieStr+12, Name, Value); + cookieStr = parseNameValue(cookieStr+11, Name, Value); - if (Name.isEmpty()) - continue; + if (Name.isEmpty()) + continue; // Host = FQDN // Default domain = "" @@ -509,14 +514,6 @@ // Insert cookie in chain lastCookie->nextCookie = cookieChain; cookieChain = lastCookie; - } - else if (lastCookie && (strncasecmp(cookieStr, "Set-Cookie2: ", 13) == 0)) - { - // What the fuck is this? - // Does anyone invent his own headers these days? - // Read the fucking RFC guys! This header is not there! - cookieStr +=12; - // Continue with lastCookie } else { --Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD--