summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorJohn Mark Bell <jmb@netsurf-browser.org>2007-01-28 16:34:50 +0000
committerJohn Mark Bell <jmb@netsurf-browser.org>2007-01-28 16:34:50 +0000
commit9612b35de181826d9ca3bad7a8084625274a44a4 (patch)
treeab8fb7fab24bf63cf117dafb9fbebcffcd54a9a6 /content
parentdf4dbaf4cfebf0b8b5ec9ae7d0bf6ae467609a4e (diff)
downloadnetsurf-9612b35de181826d9ca3bad7a8084625274a44a4.tar.gz
netsurf-9612b35de181826d9ca3bad7a8084625274a44a4.tar.bz2
Improve domain matching of referer and host.
Lose comparison of schemes - this was spurious and wrong. Fixes 1646417. svn path=/trunk/netsurf/; revision=3152
Diffstat (limited to 'content')
-rw-r--r--content/urldb.c49
1 files changed, 30 insertions, 19 deletions
diff --git a/content/urldb.c b/content/urldb.c
index 7d7b5aa15..cc6d370a3 100644
--- a/content/urldb.c
+++ b/content/urldb.c
@@ -2613,37 +2613,48 @@ bool urldb_set_cookie(const char *header, const char *url,
}
if (referer) {
- char *rhost, *rscheme;
+ char *rhost;
/* Ensure that url's host name domain matches
* referer's (4.3.5) */
- res = url_scheme(referer, &rscheme);
- if (res != URL_FUNC_OK) {
- goto error;
- }
-
res = url_host(referer, &rhost);
if (res != URL_FUNC_OK) {
- free(rscheme);
goto error;
}
- if (strcasecmp(scheme, rscheme) != 0) {
- /* Schemes don't match => fail */
- free(rhost);
- free(rscheme);
- goto error;
- }
-
- /* Domain match host names (both are FQDN or IP) */
+ /* Domain match host names */
if (strcasecmp(host, rhost) != 0) {
- free(rhost);
- free(rscheme);
- goto error;
+ /* Not exact match, so try the following:
+ *
+ * 1) host = A.B; rhost = B (i.e. strip first
+ * segment from host and compare against rhost)
+ * 2) host = A.B; rhost = C.B (i.e. strip first
+ * segment off both hosts and compare) */
+ const char *dot = strchr(host, '.');
+ const char *rdot = strchr(host, '.');
+
+ if (!dot || !rdot) {
+ free(rhost);
+ goto error;
+ }
+
+ /* 1 */
+ if (strcasecmp(dot + 1, rhost) != 0) {
+ /* B must contain embedded dots */
+ if (strchr(rdot + 1, '.') == NULL) {
+ free(rhost);
+ goto error;
+ }
+
+ /* 2 */
+ if (strcasecmp(dot, rdot) != 0) {
+ free(rhost);
+ goto error;
+ }
+ }
}
free(rhost);
- free(rscheme);
}
end = cur + strlen(cur) - 2 /* Trailing CRLF */;