QNetworkCookie: Add the dot prefix of the domain while adding to the jar

instead than when parsing the cookie header. This corrects the bug QT-2379, happening in the following sequence: parseCookie -> setCookieUrl -> toRawForm -> parseCookie where a default domain would now also have a dot prefix, and shouldn't. QT-2379 Reviewed-by: Peter Hartmann
author: Jocelyn Turcotte <jocelyn.turcotte@nokia.com> 2009-11-06 12:35:46 (GMT)
committer: Jocelyn Turcotte <jocelyn.turcotte@nokia.com> 2009-11-09 15:01:29 (GMT)
commit: 4454669fc238171239f8a2f202ec7e26e7409776 (patch)
tree: 99ce0619450409df53dcb9e479a2c634f7e405fb /src/network/access
parent: b87cc5edbf3100da062f20eefbc1fdb737b74118 (diff)
download: Qt-4454669fc238171239f8a2f202ec7e26e7409776.zip
Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.gz
Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.bz2
2 files changed, 11 insertions, 4 deletions
diff --git a/src/network/access/qnetworkcookie.cpp b/src/network/access/qnetworkcookie.cpp
index 73a8703..7dfb7af 100644
--- a/src/network/access/qnetworkcookie.cpp
+++ b/src/network/access/qnetworkcookie.cpp
@@ -984,14 +984,14 @@ QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByt
                     cookie.setExpirationDate(dt);
                 } else if (field.first == "domain") {
                     QByteArray rawDomain = field.second;
+                    QString maybeLeadingDot;
                     if (rawDomain.startsWith('.')) {
+                        maybeLeadingDot = QLatin1Char('.');
                         rawDomain = rawDomain.mid(1);
                     }
+
                     QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
-                    // always add the dot, there are some servers that forget the
-                    // leading dot. This is actually forbidden according to RFC 2109,
-                    // but all browsers accept it anyway so we do that as well
-                    cookie.setDomain(QLatin1Char('.') + normalizedDomain);
+                    cookie.setDomain(maybeLeadingDot + normalizedDomain);
                 } else if (field.first == "max-age") {
                     bool ok = false;
                     int secs = field.second.toInt(&ok);
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp
index 8430966..19f7217 100644
--- a/src/network/access/qnetworkcookiejar.cpp
+++ b/src/network/access/qnetworkcookiejar.cpp
@@ -198,6 +198,13 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis
         if (cookie.domain().isEmpty()) {
             cookie.setDomain(defaultDomain);
         } else {
+            // Ensure the domain starts with a dot if its field was not empty
+            // in the HTTP header. There are some servers that forget the
+            // leading dot and this is actually forbidden according to RFC 2109,
+            // but all browsers accept it anyway so we do that as well.
+            if (!cookie.domain().startsWith(QLatin1Char('.')))
+                cookie.setDomain(QLatin1Char('.') + cookie.domain());
+
             QString domain = cookie.domain();
             if (!(isParentDomain(domain, defaultDomain)
                 || isParentDomain(defaultDomain, domain))) {
author	Jocelyn Turcotte <jocelyn.turcotte@nokia.com>	2009-11-06 12:35:46 (GMT)
committer	Jocelyn Turcotte <jocelyn.turcotte@nokia.com>	2009-11-09 15:01:29 (GMT)
commit	4454669fc238171239f8a2f202ec7e26e7409776 (patch)
tree	99ce0619450409df53dcb9e479a2c634f7e405fb /src/network/access
parent	b87cc5edbf3100da062f20eefbc1fdb737b74118 (diff)
download	Qt-4454669fc238171239f8a2f202ec7e26e7409776.zip Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.gz Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.bz2