#377 fix the issue in matchDomain method

2025-02-25 10:33:18 +01:00 · 2013-07-13 18:59:30 +08:00 · 2013-07-13 18:59:30 +08:00 · 49ad50059a
commit 49ad50059a
parent 1f33485b6e
1 changed files with 11 additions and 20 deletions
--- a/src/Guzzle/Plugin/Cookie/Cookie.php
+++ b/src/Guzzle/Plugin/Cookie/Cookie.php
@ -426,32 +426,23 @@ class Cookie implements ToArrayInterface
    {
        $cookieDomain = $this->getDomain();

+        // Remove the leading '.' as per spec in RFC 6265:
+        // http://tools.ietf.org/html/rfc6265#section-5.2.3
+        if($cookieDomain && substr($cookieDomain, 0, 1) == '.') {
+            $cookieDomain = substr($cookieDomain, 1);
+        }
+
        // Domain not set or exact match.
        if (!$cookieDomain || !strcasecmp($domain, $cookieDomain)) {
            return true;
        }

-        // . prefix match.
-        if (strpos($cookieDomain, '.') === 0) {
-            $realDomain = substr($cookieDomain, 1);
-
-            // Root domains don't match except for .local.
-            if (!substr_count($realDomain, '.') && strcasecmp($realDomain, 'local')) {
-                return false;
-            }
-
-            if (filter_var($domain, FILTER_VALIDATE_IP)) {
-                return false;
-            }
-
-            if (substr($domain, -strlen($realDomain)) === $realDomain) {
-                // Match exact or 1 deep subdomain.
-                return !strcasecmp($domain, $realDomain) ||
-                    substr_count(substr($domain, 0, -strlen($realDomain)), '.') === 1;
-            }
+        // Matching the subdomain according to RFC 6265:
+        // http://tools.ietf.org/html/rfc6265#section-5.1.3
+        if (filter_var($domain, FILTER_VALIDATE_IP)) {
+            return false;
        }
-
-        return false;
+        return preg_match('/\.' . preg_quote($cookieDomain) . '$/i', $domain);
    }

    /**