summaryrefslogtreecommitdiff
path: root/netwerk
diff options
context:
space:
mode:
authorMoonchild <moonchild@palemoon.org>2023-10-25 04:31:47 +0200
committerMoonchild <moonchild@palemoon.org>2023-10-25 04:31:47 +0200
commit028aa731edbec7f60e72011b8bdc93222d5e5279 (patch)
tree22873d4f03c63a0183ce89e17eb332b2946be9c3 /netwerk
parent688ed9a1140c944c6b5a50bf75025b066bd002d7 (diff)
downloaduxp-028aa731edbec7f60e72011b8bdc93222d5e5279.tar.gz
[network] Block more invalid cookie name characters.
This blocks the following characters from use in the cookie name: 0x3B (semi-colon), 0x3D (equals) and 0x7F (del)
Diffstat (limited to 'netwerk')
-rw-r--r--netwerk/cookie/nsCookieService.cpp3
1 files changed, 2 insertions, 1 deletions
diff --git a/netwerk/cookie/nsCookieService.cpp b/netwerk/cookie/nsCookieService.cpp
index 2c8a5612f3..2549ffaccb 100644
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3329,7 +3329,8 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI,
0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E,
- 0x1F, /* 0x20, */ 0x00 };
+ 0x1F, /* 0x20, */ 0x3B, 0x3D, 0x7F,
+ 0x00 };
if (cookieAttributes.name.FindCharInSet(illegalNameCharacters, 0) != -1) {
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "invalid name character");
return newCookie;