Skip to content

Commit dfdc776

Browse files
tirkarthitirkarthi
committed
Prefix dot only for suffix check and add test
1 parent 2816aa8 commit dfdc776

File tree

2 files changed

+29
-3
lines changed

2 files changed

+29
-3
lines changed

Lib/http/cookiejar.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1169,13 +1169,14 @@ def domain_return_ok(self, domain, request):
11691169
# Liberal check of. This is here as an optimization to avoid
11701170
# having to load lots of MSIE cookie files unless necessary.
11711171
req_host, erhn = eff_request_host(request)
1172+
suffix_check_domain = domain
11721173
if not req_host.startswith("."):
11731174
req_host = "."+req_host
11741175
if not erhn.startswith("."):
11751176
erhn = "."+erhn
1176-
if not domain.startswith("."):
1177-
domain = "."+domain
1178-
if not (req_host.endswith(domain) or erhn.endswith(domain)):
1177+
if suffix_check_domain and not suffix_check_domain.startswith("."):
1178+
suffix_check_domain = "." + suffix_check_domain
1179+
if not (req_host.endswith(suffix_check_domain) or erhn.endswith(suffix_check_domain)):
11791180
#_debug(" request domain %s does not match cookie domain %s",
11801181
# req_host, domain)
11811182
return False

Lib/test/test_http_cookiejar.py

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -961,6 +961,31 @@ def test_domain_block(self):
961961
c.add_cookie_header(req)
962962
self.assertFalse(req.has_header("Cookie"))
963963

964+
c.clear()
965+
966+
pol.set_blocked_domains([])
967+
req = urllib.request.Request("http://acme.com/")
968+
res = FakeResponse(headers, "http://acme.com/")
969+
c.extract_cookies(res, req)
970+
self.assertEqual(len(c), 1)
971+
972+
req = urllib.request.Request("http://acme.com/")
973+
c.add_cookie_header(req)
974+
self.assertTrue(req.has_header("Cookie"))
975+
976+
req = urllib.request.Request("http://badacme.com/")
977+
c.add_cookie_header(req)
978+
self.assertFalse(req.has_header("Cookie"))
979+
980+
p = pol.set_blocked_domains(["acme.com"])
981+
req = urllib.request.Request("http://acme.com/")
982+
c.add_cookie_header(req)
983+
self.assertFalse(req.has_header("Cookie"))
984+
985+
req = urllib.request.Request("http://badacme.com/")
986+
c.add_cookie_header(req)
987+
self.assertFalse(req.has_header("Cookie"))
988+
964989
def test_secure(self):
965990
for ns in True, False:
966991
for whitespace in " ", "":

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy