bug 643051 - document.cookie should only allow setting one cookie at a time

r=bz
This commit is contained in:
Christian Biesinger 2011-04-11 16:26:11 -07:00
parent 64054ee448
commit 040a8153c7
5 changed files with 79 additions and 1 deletions

View File

@ -842,6 +842,11 @@ function runTest() {
}
}
// Make sure to clear cookies to avoid affecting other tests
document.cookie = "a=; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT"
is(document.cookie, "", "No cookies should be left over");
// Test redirects
is(loader.src, "http://example.org/tests/content/base/test/file_CrossSiteXHR_inner.html");
is(origin, "http://example.org");

View File

@ -260,6 +260,7 @@ _TEST_FILES = \
test_bug610212.html \
test_bug633058.html \
test_bug641219.html \
test_bug643051.html \
$(NULL)
libs:: $(_TEST_FILES)

View File

@ -0,0 +1,43 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=643051
-->
<head>
<title>Test for Bug 643051</title>
<script type="application/javascript" src="/MochiKit/packed.js"></script>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=643051">Mozilla Bug 643051</a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
<script type="application/javascript">
/** Test for Bug 643051 **/
document.cookie = "a=; expires=Thu, 01-Jan-1970 00:00:01 GMT"; // clear cookie
document.cookie = "a2=; expires=Thu, 01-Jan-1970 00:00:01 GMT"; // clear cookie
document.cookie = "a3=; expires=Thu, 01-Jan-1970 00:00:01 GMT"; // clear cookie
// single cookie, should work
document.cookie = "a=bar";
is(document.cookie, "a=bar", "Can't read stored cookie!");
document.cookie = "a2=bar\na3=bar";
is(document.cookie, "a=bar; a2=bar", "Wrong cookie value");
document.cookie = "a2=baz; a3=bar";
is(document.cookie, "a=bar; a2=baz", "Wrong cookie value");
// clear cookies again to avoid affecting other tests
document.cookie = "a=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
document.cookie = "a2=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
document.cookie = "a3=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
</script>
</pre>
</body>
</html>

View File

@ -1550,7 +1550,11 @@ nsCookieService::SetCookieStringInternal(nsIURI *aHostURI,
// process each cookie in the header
nsDependentCString cookieHeader(aCookieHeader);
while (SetCookieInternal(aHostURI, baseDomain, requireHostMatch,
cookieStatus, cookieHeader, serverTime, aFromHttp));
cookieStatus, cookieHeader, serverTime, aFromHttp)) {
// document.cookie can only set one cookie at a time
if (!aFromHttp)
break;
}
}
// notify observers that a cookie was rejected due to the users' prefs.

View File

@ -0,0 +1,25 @@
const Cc = Components.classes;
const Ci = Components.interfaces;
Components.utils.import("resource://gre/modules/NetUtil.jsm");
function run_test() {
let cs = Cc["@mozilla.org/cookieService;1"].getService(Ci.nsICookieService);
let uri = NetUtil.newURI("http://example.org/");
let set = "foo=bar\nbaz=foo";
let expected = "foo=bar; baz=foo";
cs.setCookieStringFromHttp(uri, null, null, set, null, null);
let actual = cs.getCookieStringFromHttp(uri, null, null);
do_check_eq(actual, expected);
uri = NetUtil.newURI("http://example.com/");
cs.setCookieString(uri, null, set, null);
expected = "foo=bar";
actual = cs.getCookieString(uri, null, null);
do_check_eq(actual, expected);
}