summaryrefslogtreecommitdiffstats
path: root/src/network
diff options
context:
space:
mode:
authorJocelyn Turcotte <jocelyn.turcotte@nokia.com>2009-11-06 12:35:46 (GMT)
committerJocelyn Turcotte <jocelyn.turcotte@nokia.com>2009-11-09 15:01:29 (GMT)
commit4454669fc238171239f8a2f202ec7e26e7409776 (patch)
tree99ce0619450409df53dcb9e479a2c634f7e405fb /src/network
parentb87cc5edbf3100da062f20eefbc1fdb737b74118 (diff)
downloadQt-4454669fc238171239f8a2f202ec7e26e7409776.zip
Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.gz
Qt-4454669fc238171239f8a2f202ec7e26e7409776.tar.bz2
QNetworkCookie: Add the dot prefix of the domain while adding to the jar
instead than when parsing the cookie header. This corrects the bug QT-2379, happening in the following sequence: parseCookie -> setCookieUrl -> toRawForm -> parseCookie where a default domain would now also have a dot prefix, and shouldn't. QT-2379 Reviewed-by: Peter Hartmann
Diffstat (limited to 'src/network')
-rw-r--r--src/network/access/qnetworkcookie.cpp8
-rw-r--r--src/network/access/qnetworkcookiejar.cpp7
2 files changed, 11 insertions, 4 deletions
diff --git a/src/network/access/qnetworkcookie.cpp b/src/network/access/qnetworkcookie.cpp
index 73a8703..7dfb7af 100644
--- a/src/network/access/qnetworkcookie.cpp
+++ b/src/network/access/qnetworkcookie.cpp
@@ -984,14 +984,14 @@ QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByt
cookie.setExpirationDate(dt);
} else if (field.first == "domain") {
QByteArray rawDomain = field.second;
+ QString maybeLeadingDot;
if (rawDomain.startsWith('.')) {
+ maybeLeadingDot = QLatin1Char('.');
rawDomain = rawDomain.mid(1);
}
+
QString normalizedDomain = QUrl::fromAce(QUrl::toAce(QString::fromUtf8(rawDomain)));
- // always add the dot, there are some servers that forget the
- // leading dot. This is actually forbidden according to RFC 2109,
- // but all browsers accept it anyway so we do that as well
- cookie.setDomain(QLatin1Char('.') + normalizedDomain);
+ cookie.setDomain(maybeLeadingDot + normalizedDomain);
} else if (field.first == "max-age") {
bool ok = false;
int secs = field.second.toInt(&ok);
diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp
index 8430966..19f7217 100644
--- a/src/network/access/qnetworkcookiejar.cpp
+++ b/src/network/access/qnetworkcookiejar.cpp
@@ -198,6 +198,13 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis
if (cookie.domain().isEmpty()) {
cookie.setDomain(defaultDomain);
} else {
+ // Ensure the domain starts with a dot if its field was not empty
+ // in the HTTP header. There are some servers that forget the
+ // leading dot and this is actually forbidden according to RFC 2109,
+ // but all browsers accept it anyway so we do that as well.
+ if (!cookie.domain().startsWith(QLatin1Char('.')))
+ cookie.setDomain(QLatin1Char('.') + cookie.domain());
+
QString domain = cookie.domain();
if (!(isParentDomain(domain, defaultDomain)
|| isParentDomain(defaultDomain, domain))) {