umgeher/cowboy
0
Fork 0
mirror of https://github.com/ninenines/cowboy.git synced 2025-07-14 12:20:24 +00:00
Code Issues Wiki Activity

Fix cowboy_req:filter_cookies missing valid cookies

Browse source 
When 3 or more cookies were sent the extra cookies were not
found because the binary:split on ";" stopped at the first
occurrence.
This commit is contained in:
Mirjam Friesen 2024-04-02 13:33:35 +02:00 committed by Loïc Hoguin
parent 8e121d138c
commit 36f42a5e8b
No known key found for this signature in database
GPG key ID: 8A9DF795F6FED764
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/cowboy_req.erl
View file

@ -462,7 +462,7 @@ filter_cookies(Names0, Req=#{headers := Headers}) ->
case header(<<"cookie">>, Req) of case header(<<"cookie">>, Req) of
undefined -> Req; undefined -> Req;
Value0 -> Value0 ->
Cookies0 = binary:split(Value0, <<$;>>), Cookies0 = binary:split(Value0, <<$;>>, [global]),
Cookies = lists:filter(fun(Cookie) -> Cookies = lists:filter(fun(Cookie) ->
lists:member(cookie_name(Cookie), Names) lists:member(cookie_name(Cookie), Names)
end, Cookies0), end, Cookies0),

2
test/req_SUITE.erl
View file

@ -324,7 +324,7 @@ filter_then_parse_cookies(Config) ->
[{<<"cookie">>, "bad name=strawberry"}], Config), [{<<"cookie">>, "bad name=strawberry"}], Config),
<<"[{<<\"cake\">>,<<\"strawberry\">>}]">> <<"[{<<\"cake\">>,<<\"strawberry\">>}]">>
= do_get_body("/filter_then_parse_cookies", = do_get_body("/filter_then_parse_cookies",
[{<<"cookie">>, "bad name=strawberry; cake=strawberry"}], Config), [{<<"cookie">>, "bad name=strawberry; another bad name=strawberry; cake=strawberry"}], Config),
<<"[]">> <<"[]">>
= do_get_body("/filter_then_parse_cookies", = do_get_body("/filter_then_parse_cookies",
[{<<"cookie">>, "Blocked by http://www.example.com/upgrade-to-remove"}], Config), [{<<"cookie">>, "Blocked by http://www.example.com/upgrade-to-remove"}], Config),