Cope with a toxic cookie Ross found under a rock

diff --git a/CHANGES b/CHANGES
index a8c090207c2143d3f1a8fe32646d644cea50a2b1..6d92b623a64982a6eb00a674b14abe9b2ddd8f0f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 
 Builds --without-server should work again.
 
+The web interface is a bit more liberal in the cookie value syntax it
+will accept.
+
 * Changes up to version 3.0.1
 
 Debian upgrades from 2.0.x should now work better.

diff --git a/lib/mime.c b/lib/mime.c
index 78a8bd36f181deec957c352b74f5a1e9ad5893f7..da41426a3abfb51cd9f9034f787f975b0ce839df 100644 (file)
--- a/lib/mime.c
+++ b/lib/mime.c
@@ -527,6 +527,26 @@ static int cookie_separator(int c) {
   }
 }
 
+/** @brief Match cookie value separator characters
+ *
+ * Same as cookie_separator() but allows for @c = in cookie values.
+ */
+static int cookie_value_separator(int c) {
+  switch(c) {
+  case '(':
+  case ')':
+  case ',':
+  case ';':
+  case ' ':
+  case '"':
+  case '\t':
+    return 1;
+
+  default:
+    return 0;
+  }
+}
+
 /** @brief Parse a RFC2109 Cookie: header
  * @param s Header field value
  * @param cd Where to store result
@@ -557,7 +577,7 @@ int parse_cookie(const char *s,
       return -1;
     }
     s = skipwhite(s, 0);
-    if(!(s = mime_parse_word(s, &v, cookie_separator))) {
+    if(!(s = mime_parse_word(s, &v, cookie_value_separator))) {
       error(0, "parse_cookie: cannot parse value for '%s'", n);
       return -1;
     }

diff --git a/lib/t-cookies.c b/lib/t-cookies.c
index 89e92878d091cbd6a10a77106929f67a348cd36c..7fdde3272d58b3a94386720e21e039c64acecd90 100644 (file)
--- a/lib/t-cookies.c
+++ b/lib/t-cookies.c
@@ -27,7 +27,7 @@ void test_cookies(void) {
   /* These are the examples from RFC2109 */
   insist(!parse_cookie("$Version=\"1\"; Customer=\"WILE_E_COYOTE\"; $Path=\"/acme\"", cd));
   insist(!strcmp(cd->version, "1"));
-  insist(cd->ncookies = 1);
+  insist(cd->ncookies == 1);
   insist(find_cookie(cd, "Customer") == &cd->cookies[0]);
   check_string(cd->cookies[0].value, "WILE_E_COYOTE");
   check_string(cd->cookies[0].path, "/acme");
@@ -36,7 +36,7 @@ void test_cookies(void) {
                        "Customer=\"WILE_E_COYOTE\"; $Path=\"/acme\";\n"
                        "Part_Number=\"Rocket_Launcher_0001\"; $Path=\"/acme\"",
                        cd));
-  insist(cd->ncookies = 2);
+  insist(cd->ncookies == 2);
   insist(find_cookie(cd, "Customer") == &cd->cookies[0]);
   insist(find_cookie(cd, "Part_Number") == &cd->cookies[1]);
   check_string(cd->cookies[0].value, "WILE_E_COYOTE");
@@ -50,7 +50,7 @@ void test_cookies(void) {
                        "Part_Number=\"Rocket_Launcher_0001\"; $Path=\"/acme\";\n"
                        "Shipping=\"FedEx\"; $Path=\"/acme\"",
                        cd));
-  insist(cd->ncookies = 3);
+  insist(cd->ncookies == 3);
   insist(find_cookie(cd, "Customer") == &cd->cookies[0]);
   insist(find_cookie(cd, "Part_Number") == &cd->cookies[1]);
   insist(find_cookie(cd, "Shipping") == &cd->cookies[2]);
@@ -63,6 +63,13 @@ void test_cookies(void) {
   check_string(cd->cookies[2].value, "FedEx");
   check_string(cd->cookies[2].path, "/acme");
   insist(cd->cookies[2].domain == 0);
+
+  insist(!parse_cookie("BX=brqn3il3r9jro&b=3&s=vv", cd));
+  insist(cd->ncookies == 1);
+  insist(find_cookie(cd, "BX") == &cd->cookies[0]);
+  check_string(cd->cookies[0].value, "brqn3il3r9jro&b=3&s=vv");
+  insist(cd->cookies[0].path == 0);
+  insist(cd->cookies[0].domain == 0);
 }
 
 /*