Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
f72975d8
Commit
f72975d8
authored
Jul 11, 2014
by
Jacek Caban
Committed by
Alexandre Julliard
Jul 11, 2014
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
wininet: Don't allow overriding httponly cookies with non-httponly ones.
parent
deb1f047
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
23 additions
and
0 deletions
+23
-0
cookie.c
dlls/wininet/cookie.c
+8
-0
internet.c
dlls/wininet/tests/internet.c
+15
-0
No files found.
dlls/wininet/cookie.c
View file @
f72975d8
...
...
@@ -963,6 +963,14 @@ DWORD set_cookie(const WCHAR *domain, const WCHAR *path, const WCHAR *cookie_nam
if
((
thisCookie
=
COOKIE_findCookie
(
thisCookieDomain
,
cookie_name
)))
{
if
((
thisCookie
->
flags
&
INTERNET_COOKIE_HTTPONLY
)
&&
!
(
flags
&
INTERNET_COOKIE_HTTPONLY
))
{
WARN
(
"An attempt to override httponly cookie
\n
"
);
SetLastError
(
ERROR_INVALID_OPERATION
);
heap_free
(
data
);
if
(
value
!=
data
)
heap_free
(
value
);
return
COOKIE_STATE_REJECT
;
}
if
(
!
(
thisCookie
->
flags
&
INTERNET_COOKIE_IS_SESSION
))
update_persistent
=
TRUE
;
COOKIE_deleteCookie
(
thisCookie
,
FALSE
);
...
...
dlls/wininet/tests/internet.c
View file @
f72975d8
...
...
@@ -595,6 +595,21 @@ static void test_cookie_attrs(void)
ret
=
InternetGetCookieExA
(
"http://cookie.attrs.com/"
,
NULL
,
buf
,
&
size
,
INTERNET_COOKIE_HTTPONLY
,
NULL
);
ok
(
ret
,
"InternetGetCookieEx failed: %u
\n
"
,
GetLastError
());
ok
(
!
strcmp
(
buf
,
"A=data"
),
"data = %s
\n
"
,
buf
);
/* Try to override httponly cookie with non-httponly one */
ret
=
InternetSetCookieA
(
"http://cookie.attrs.com/bar"
,
NULL
,
"A=test"
);
ok
(
!
ret
&&
GetLastError
()
==
ERROR_INVALID_OPERATION
,
"InternetSetCookie returned: %x (%u)
\n
"
,
ret
,
GetLastError
());
SetLastError
(
0xdeadbeef
);
state
=
InternetSetCookieExA
(
"http://cookie.attrs.com/bar"
,
NULL
,
"A=data"
,
0
,
0
);
ok
(
state
==
COOKIE_STATE_REJECT
&&
GetLastError
()
==
ERROR_INVALID_OPERATION
,
"InternetSetCookieEx returned: %x (%u)
\n
"
,
ret
,
GetLastError
());
size
=
sizeof
(
buf
);
ret
=
InternetGetCookieExA
(
"http://cookie.attrs.com/"
,
NULL
,
buf
,
&
size
,
INTERNET_COOKIE_HTTPONLY
,
NULL
);
ok
(
ret
,
"InternetGetCookieEx failed: %u
\n
"
,
GetLastError
());
ok
(
!
strcmp
(
buf
,
"A=data"
),
"data = %s
\n
"
,
buf
);
}
static
void
test_cookie_url
(
void
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment