mirror_php/guzzle
1
0
Fork 0
mirror of https://github.com/guzzle/guzzle.git synced 2025-02-25 02:22:57 +01:00
Code Issues Releases Wiki Activity

Fixes #145: Match .prefix cookied domain names to parent, block subdomain match of TLD cookies except .local.

Browse Source
This commit is contained in:
Glenn Pratt 2012-10-15 17:40:51 -05:00
parent 0ed797ec53
commit fffc167cce
2 changed files with 33 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/Guzzle/Http/Cookie.php
View File

@ -397,8 +397,30 @@ class Cookie
*/
public function matchesDomain($domain)
{
return !$this->getDomain() || !strcasecmp($domain, $this->getDomain()) ||
(strpos($this->getDomain(), '.') === 0 && preg_match('/' . preg_quote($this->getDomain()) . '$/i', $domain));
$cookie_domain = $this->getDomain();
// Domain not set or exact match.
if (!$cookie_domain || !strcasecmp($domain, $cookie_domain)) {
return true;
}
// . prefix match.
if (strpos($cookie_domain, '.') === 0) {
$real_domain = substr($cookie_domain, 1);
// Root domains don't match except for .local.
if (!substr_count($real_domain, '.') && strcasecmp($real_domain, 'local')) {
return false;
}
if (substr($domain, -strlen($real_domain)) === $real_domain) {
// Match exact or 1 deep subdomain.
return !strcasecmp($domain, $real_domain) ||
substr_count(substr($domain, 0, -strlen($real_domain)), '.') === 1;
}
}
return false;
}
/**

9
tests/Guzzle/Tests/Http/CookieTest.php
View File

@ -143,7 +143,16 @@ class CookieTest extends \Guzzle\Tests\GuzzleTestCase
$this->assertTrue($cookie->matchesDomain('.baz.com'));
$this->assertTrue($cookie->matchesDomain('foo.baz.com'));
$this->assertFalse($cookie->matchesDomain('baz.bar.com'));
$this->assertTrue($cookie->matchesDomain('baz.com'));
$cookie->setDomain('.com');
$this->assertFalse($cookie->matchesDomain('baz.com'));
$cookie->setDomain('.com.');
$this->assertFalse($cookie->matchesDomain('baz.com'));
$cookie->setDomain('.local');
$this->assertTrue($cookie->matchesDomain('example.local'));
}
public function testMatchesPath()