delta/go-git.git/src/net/http/cookiejar, branch dev.debug github.com: golang/go net/http/cookiejar: increase test coverage 2017-05-22T19:29:49+00:00 Volker Dobler dr.volker.dobler@gmail.com 2017-03-22T08:14:41+00:00 c5e8ec5b6dc63de087d93d96dc06cb3de6842ec4 The jarKey function handles broken PublicSuffixList implementations but no test verified it. Change-Id: Ifb76de9e8c3941f3b08d3e43970056e023013457 Reviewed-on: https://go-review.googlesource.com/38357 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
The jarKey function handles broken PublicSuffixList implementations but
no test verified it.

Change-Id: Ifb76de9e8c3941f3b08d3e43970056e023013457
Reviewed-on: https://go-review.googlesource.com/38357
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
net/http/cookiejar: fix out-of-bounds errors on malformed domains 2017-03-21T06:36:56+00:00 Volker Dobler dr.volker.dobler@gmail.com 2017-03-06T09:07:25+00:00 d972dc2de9d6b2b85656654b4d3a01dd02e446ec The old implementation of Jar made the assumption that the host names in the URLs given to SetCookies() and Cookies() methods are well-formed. This is not an unreasonable assumption as malformed host names do not trigger calls to SetCookies or Cookies (at least not from net/http) as the HTTP request themselves are not executed. But there can be other invocations of these methods and at least on Linux it was possible to make DNS lookup to domain names with two trailing dots (see issue #7122). This is an old bug and this CL revives an old change (see https://codereview.appspot.com/52100043) to fix the issue. The discussion around 52100043 focused on the interplay between the jar and the public suffix list and who is responsible for which type if domain name canonicalization. The new bug report in issue #19384 used a nil public suffix list which demonstrates that the package cookiejar alone exhibits this problem and any solution cannot be fully delegated to the implementation of the used PublicSuffixList: Package cookiejar itself needs to protect against host names of the form ".." which triggered an out-of-bounds error. This CL does not address the issue of host name canonicalization and the question who is responsible for it. This CL just prevents the out-of-bounds error: It is a very conservative change, i.e. one might still set and retrieve cookies for host names like "weird.stuf...". Several more test cases document how the current code works. Fixes #19384. Change-Id: I14be080e8a2a0b266ced779f2aeb18841b730610 Reviewed-on: https://go-review.googlesource.com/37843 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> 
The old implementation of Jar made the assumption that the host names
in the URLs given to SetCookies() and Cookies() methods are well-formed.
This is not an unreasonable assumption as malformed host names do not
trigger calls to SetCookies or Cookies (at least not from net/http)
as the HTTP request themselves are not executed. But there can be other
invocations of these methods and at least on Linux it was possible to
make DNS lookup to domain names with two trailing dots (see issue #7122).

This is an old bug and this CL revives an old change (see
https://codereview.appspot.com/52100043) to fix the issue. The discussion
around 52100043 focused on the interplay between the jar and the
public suffix list and who is responsible for which type if domain name
canonicalization. The new bug report in issue #19384 used a nil public
suffix list which demonstrates that the package cookiejar alone exhibits
this problem and any solution cannot be fully delegated to the
implementation of the used PublicSuffixList: Package cookiejar itself
needs to protect against host names of the form ".." which triggered an
out-of-bounds error.

This CL does not address the issue of host name canonicalization and
the question who is responsible for it. This CL just prevents the
out-of-bounds error: It is a very conservative change, i.e. one might
still set and retrieve cookies for host names like "weird.stuf...".
Several more test cases document how the current code works.

Fixes #19384.

Change-Id: I14be080e8a2a0b266ced779f2aeb18841b730610
Reviewed-on: https://go-review.googlesource.com/37843
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
all: use sort.Slice where applicable 2016-10-04T05:10:56+00:00 Brad Fitzpatrick bradfitz@golang.org 2016-10-04T03:01:09+00:00 ad26bb5e3098cbfd7c0ad9a1dc9d38c92e50f06e I avoided anywhere in the compiler or things which might be used by the compiler in the future, since they need to build with Go 1.4. I also avoided anywhere where there was no benefit to changing it. I probably missed some. Updates #16721 Change-Id: Ib3c895ff475c6dec2d4322393faaf8cb6a6d4956 Reviewed-on: https://go-review.googlesource.com/30250 TryBot-Result: Gobot Gobot <gobot@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 
I avoided anywhere in the compiler or things which might be used by
the compiler in the future, since they need to build with Go 1.4.

I also avoided anywhere where there was no benefit to changing it.

I probably missed some.

Updates #16721

Change-Id: Ib3c895ff475c6dec2d4322393faaf8cb6a6d4956
Reviewed-on: https://go-review.googlesource.com/30250
TryBot-Result: Gobot Gobot <gobot@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
net/http/cookiejar: fix typo 2016-09-21T15:12:22+00:00 Michal Bohuslávek mbohuslavek@gmail.com 2016-09-21T13:49:51+00:00 e69d63e807b7322e3a7d6c8ad83c251c9f46c9ca Change-Id: I6ea8650927e7946c6fd4659f400fd91ddaae68af Reviewed-on: https://go-review.googlesource.com/29510 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
Change-Id: I6ea8650927e7946c6fd4659f400fd91ddaae68af
Reviewed-on: https://go-review.googlesource.com/29510
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
net/http/cookiejar: added simple example test 2016-09-09T03:47:00+00:00 Dhaivat Pandit dhaivatpandit@gmail.com 2016-08-27T03:13:44+00:00 57d4e5763559634733452f62aba562a5df345192 Fixes #16884 Updates #16360 Change-Id: I01563031a1c105e54499134eed4789f6219f41ec Reviewed-on: https://go-review.googlesource.com/27993 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Fixes #16884
Updates #16360

Change-Id: I01563031a1c105e54499134eed4789f6219f41ec
Reviewed-on: https://go-review.googlesource.com/27993
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
all: replace magic 0x80 with named constant utf8.RuneSelf 2016-04-10T15:15:57+00:00 Martin Möhrmann martisch@uos.de 2016-04-10T06:48:55+00:00 012557b3769f9286b9488fbfd4bddfeee66b6a55 Change-Id: Id1c2e8e9d60588de866e8b6ca59cc83dd28f848f Reviewed-on: https://go-review.googlesource.com/21756 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Change-Id: Id1c2e8e9d60588de866e8b6ca59cc83dd28f848f
Reviewed-on: https://go-review.googlesource.com/21756
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
all: use golang.org/x/... import paths 2014-11-09T22:15:57+00:00 Andrew Gerrand adg@golang.org 2014-11-09T22:15:57+00:00 7f0be1f781a523b5acafb527ca123f5b0eac1536 LGTM=rsc, r R=r, rsc CC=golang-codereview, golang-codereviews https://golang.org/cl/168050043 
LGTM=rsc, r
R=r, rsc
CC=golang-codereview, golang-codereviews
https://golang.org/cl/168050043
build: move package sources from src/pkg to src 2014-09-08T04:08:51+00:00 Russ Cox rsc@golang.org 2014-09-08T04:08:51+00:00 c007ce824d9a4fccb148f9204e04c23ed2984b71 Preparation was in CL 134570043. This CL contains only the effect of 'hg mv src/pkg/* src'. For more about the move, see golang.org/s/go14nopkg. 
Preparation was in CL 134570043.
This CL contains only the effect of 'hg mv src/pkg/* src'.
For more about the move, see golang.org/s/go14nopkg.