diff options
author | Jocelyn Turcotte <jocelyn.turcotte@nokia.com> | 2009-11-06 12:35:46 (GMT) |
---|---|---|
committer | Jocelyn Turcotte <jocelyn.turcotte@nokia.com> | 2009-11-09 15:01:29 (GMT) |
commit | 4454669fc238171239f8a2f202ec7e26e7409776 (patch) | |
tree | 99ce0619450409df53dcb9e479a2c634f7e405fb /src/network | |
parent | b87cc5edbf3100da062f20eefbc1fdb737b74118 (diff) | |
download | Qt-4454669fc238171239f8a2f202ec7e26e7409776.zip Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.gz Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.bz2 |
QNetworkCookie: Add the dot prefix of the domain while adding to the jar
instead than when parsing the cookie header.
This corrects the bug QT-2379, happening in the following sequence:
parseCookie -> setCookieUrl -> toRawForm -> parseCookie
where a default domain would now also have a dot prefix, and shouldn't.
QT-2379
Reviewed-by: Peter Hartmann
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/access/qnetworkcookie.cpp | 8 | ||||
-rw-r--r-- | src/network/access/qnetworkcookiejar.cpp | 7 |
2 files changed, 11 insertions, 4 deletions
diff --git a/src/network/access/qnetworkcookie.cpp b/src/network/access/qnetworkcookie.cpp index 73a8703..7dfb7af 100644 --- a/src/network/access/qnetworkcookie.cpp +++ b/src/network/access/qnetworkcookie.cpp @@ -984,14 +984,14 @@ QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByt cookie.setExpirationDate(dt); } else if (field.first == "domain") { QByteArray rawDomain = field.second; + QString maybeLeadingDot; if (rawDomain.startsWith('.')) { + maybeLeadingDot = QLatin1Char('.'); rawDomain = rawDomain.mid(1); } + QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain))); - // always add the dot, there are some servers that forget the - // leading dot. This is actually forbidden according to RFC 2109, - // but all browsers accept it anyway so we do that as well - cookie.setDomain(QLatin1Char('.') + normalizedDomain); + cookie.setDomain(maybeLeadingDot + normalizedDomain); } else if (field.first == "max-age") { bool ok = false; int secs = field.second.toInt(&ok); diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 8430966..19f7217 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -198,6 +198,13 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis if (cookie.domain().isEmpty()) { cookie.setDomain(defaultDomain); } else { + // Ensure the domain starts with a dot if its field was not empty + // in the HTTP header. There are some servers that forget the + // leading dot and this is actually forbidden according to RFC 2109, + // but all browsers accept it anyway so we do that as well. + if (!cookie.domain().startsWith(QLatin1Char('.'))) + cookie.setDomain(QLatin1Char('.') + cookie.domain()); + QString domain = cookie.domain(); if (!(isParentDomain(domain, defaultDomain) || isParentDomain(defaultDomain, domain))) { |