#210 invalid cookie host on redirect page

closed-fixed
Web tester (52)
5
2011-11-30
2011-08-03
Anonymous
No

If site answer redirect to another site, and set new cookie, then this new cookie set for second site. For example, virtual dialog:

>
GET /
Host: site1.org

<
HTTP/1.1 302 Found
Server: nginx/0.9.3
Date: Wed, 03 Aug 2011 09:35:26 GMT
Set-Cookie: kykypyky=123; expires=Tue, 03-Aug-2010 09:35:25 GMT; path=/
Location: http://site2.net/

>
GET /
Host: site2.net
Cookie: kykypyky=123 //<- new cookie this

<
HTTP/1.1 302 Found
Location: http://site1.org/abc/

>
GET / abc/
Host: site1.org
//No cookie...

Simple solution this problem:

$ svn diff
Index: user_agent.php
===================================================================
--- user_agent.php (revision 2036)
+++ user_agent.php (working copy)
@@ -244,14 +244,14 @@
return $response;
}
$headers = $response->getHeaders();
- $location = new SimpleUrl($headers->getLocation());
- $url = $location->makeAbsolute($url);
if ($this->cookies_enabled) {
$headers->writeCookiesToJar($this->cookie_jar, $url);
}
if (! $headers->isRedirect()) {
break;
}
+ $location = new SimpleUrl($headers->getLocation());
+ $url = $location->makeAbsolute($url);
$encoding = new SimpleGetEncoding();
} while (! $this->isTooManyRedirects(++$redirects));
return $response;

Discussion

  • Perrick Penet

    Perrick Penet - 2011-11-30

    Thanks for submitting a bug + a patch : it's been applied to the current trunk.

    Yours,
    Perrick

     
  • Perrick Penet

    Perrick Penet - 2011-11-30
    • assigned_to: lastcraft --> pp11
    • status: open --> closed-fixed
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks