author | Lars Ingebrigtsen <larsi@gnus.org> | 2017-06-07 16:17:47 +0200 |
---|---|---|
committer | Lars Ingebrigtsen <larsi@gnus.org> | 2017-06-07 16:17:47 +0200 |
commit | 62523863780d3894c92f84dd474278eeddc4a0e0 (patch) | |
tree | 06ba1867972acaaa0cdb15d226882c573a158836 /lisp/url | |
parent | 43885eac09d7c69ecbac08c033d33381e21f48a2 (diff) | |
download | emacs-62523863780d3894c92f84dd474278eeddc4a0e0.tar.gz |
(url-cookie-host-can-set-p): Protect against zero-length domains
* lisp/url/url-cookie.el (url-cookie-host-can-set-p): Protect
against zero-length domains.
Backtrace of a real-world site that triggers a bug:
Debugger entered--Lisp error: (args-out-of-range "" 0)
url-cookie-host-can-set-p("www.washingtonpost.com" "")
url-cookie-handle-set-cookie("utm_term=0;Expires=Thursday,
01-January-1970 00:00:00 GMT; path=/; domain=")
url-http-handle-cookies()
Diffstat (limited to 'lisp/url')
-rw-r--r-- | lisp/url/url-cookie.el | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/lisp/url/url-cookie.el b/lisp/url/url-cookie.el
index ac4ac592e77..4912db6c53b 100644
--- a/lisp/url/url-cookie.el
+++ b/lisp/url/url-cookie.el
@@ -229,16 +229,19 @@ telling Microsoft that."
 (defun url-cookie-host-can-set-p (host domain)
 (let ((last nil)
 (case-fold-search t))
- (if (string= host domain) ; Apparently netscape lets you do this
- t
+ (cond
+ ((string= host domain) ; Apparently netscape lets you do this
+ t)
+ ((zerop (length domain))
+ nil)
+ (t
 ;; Remove the dot from wildcard domains before matching.
 (when (eq ?. (aref domain 0))
 (setq domain (substring domain 1)))
 (and (url-domsuf-cookie-allowed-p domain)
 ;; Need to check and make sure the host is actually _in_ the
 ;; domain it wants to set a cookie for though.
- (string-match (concat (regexp-quote domain)
- "$") host)))))
+ (string-match (concat (regexp-quote domain) "$") host))))))

 (defun url-cookie-handle-set-cookie (str)
 (setq url-cookies-changed-since-last-save t) |
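Review bot: The host-in-domain test at the end of the new `(t ...)` branch is a plain suffix match with no label boundary, so a host like `notexample.com` (constructed sample) is accepted for the cookie domain `example.com`. Cookie domain matching normally requires the host to equal the domain or to end with `.` followed by the domain. Replacing the `string-match` form with `(string-suffix-p (concat "." domain) (concat "." host) t)` enforces that boundary, keeps the case-insensitive comparison, and avoids `$` matching before a newline rather than only at end of string. The body of `url-domsuf-cookie-allowed-p` is not visible in this hunk, but as called it only receives `domain`, so it presumably cannot check the host relationship. Separately, the function has no docstring; one stating that it returns non-nil when HOST may set a cookie for DOMAIN, and that an empty DOMAIN is rejected, would record the contract this commit establishes.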