commit a3e03b0e2d935a873bc5557905581427cfab2bf7
parent fa52c9a5eb03b162359cc969a218be2d3211c1a3
Author: Christian Grothoff <christian@grothoff.org>
Date: Sat, 27 Dec 2008 07:06:13 +0000
better cookie handling
Diffstat:
2 files changed, 36 insertions(+), 5 deletions(-)
diff --git a/ChangeLog b/ChangeLog
@@ -1,5 +1,7 @@
Fri Dec 26 23:08:04 MST 2008
Fixed broken check for identical connection address. -CG
+ Making cookie parser more RFC2109 compliant (handle
+ spaces around key, allow value to be optional). -CG
Sat Dec 6 18:36:17 MST 2008
Added configure option to disable checking for CURL support.
diff --git a/src/daemon/connection.c b/src/daemon/connection.c
@@ -951,8 +951,11 @@ parse_cookie_header (struct MHD_Connection *connection)
const char *hdr;
char *cpy;
char *pos;
+ char *sce;
char *semicolon;
char *equals;
+ char *ekill;
+ char old;
int quotes;
hdr = MHD_lookup_connection_value (connection, MHD_HEADER_KIND, "Cookie");
@@ -972,11 +975,37 @@ parse_cookie_header (struct MHD_Connection *connection)
pos = cpy;
while (pos != NULL)
{
- equals = strstr (pos, "=");
- if (equals == NULL)
- break;
- equals[0] = '\0';
- equals++;
+ while (*pos == ' ')
+ pos++; /* skip spaces */
+
+ sce = pos;
+ while ( ( (*sce) != '\0') &&
+ ( (*sce) != ',') &&
+ ( (*sce) != ';') &&
+ ( (*sce) != '=') )
+ sce++;
+ /* remove tailing whitespace (if any) from key */
+ ekill = sce - 1;
+ while ( (*ekill == ' ') &&
+ (ekill >= pos) )
+ *(ekill--) = '\0';
+ old = *sce;
+ *sce = '\0';
+ if (old != '=')
+ {
+ /* value part omitted, use empty string... */
+ if (MHD_NO ==
+ connection_add_header (connection,
+ pos,
+ "",
+ MHD_COOKIE_KIND))
+ return MHD_NO;
+ if (old == '\0')
+ break;
+ pos = sce + 1;
+ continue;
+ }
+ equals = sce + 1;
quotes = 0;
semicolon = equals;
while ((semicolon[0] != '\0') &&
