moparisthebest/wget
1
0
Fork 0
mirror of https://github.com/moparisthebest/wget synced 2024-07-03 16:38:41 -04:00
Code Issues Releases Wiki Activity

Convert domains to lowercase before libpsl checks

Browse Source
This commit is contained in:
Darshit Shah 2014-07-05 16:21:40 +05:30
parent 550cd6e9d2
commit c5f2c7fcef
2 changed files with 33 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/ChangeLog
View File

@ -1,3 +1,8 @@
2014-07-05 Darshit Shah <darnir@gmail.com>
* cookies.c (check_domain_match): Libpsl requires that all domain names
passed to it be in utf8 lower case.
2014-07-05 Darshit Shah <darnir@gmail.com> 2014-07-05 Darshit Shah <darnir@gmail.com>
* http.c (gethttp): Fix indentation of conditional block * http.c (gethttp): Fix indentation of conditional block

30
src/cookies.c
View File

@ -501,7 +501,17 @@ numeric_address_p (const char *addr)
/* Check whether COOKIE_DOMAIN is an appropriate domain for HOST. /* Check whether COOKIE_DOMAIN is an appropriate domain for HOST.
Originally I tried to make the check compliant with rfc2109, but Originally I tried to make the check compliant with rfc2109, but
the sites deviated too often, so I had to fall back to "tail the sites deviated too often, so I had to fall back to "tail
matching", as defined by the original Netscape's cookie spec. */ matching", as defined by the original Netscape's cookie spec.
Wget now uses libpsl to check domain names against a public suffix
list to see if they are valid. However, since we don't provide a
psl on our own, if libpsl is compiled without a public suffix list,
fall back to using the original "tail matching" heuristic. Also if
libpsl is unable to convert the domain to lowercase, which means that
it doesnt have any runtime conversion support, we again fall back to
"tail matching" since libpsl states the results are unpredictable with
upper case strings.
*/
static bool static bool
check_domain_match (const char *cookie_domain, const char *host) check_domain_match (const char *cookie_domain, const char *host)
@ -509,6 +519,8 @@ check_domain_match (const char *cookie_domain, const char *host)
#ifdef HAVE_LIBPSL #ifdef HAVE_LIBPSL
DEBUGP (("cdm: 1")); DEBUGP (("cdm: 1"));
char *cookie_domain_lower = NULL;
char *host_lower = NULL;
const psl_ctx_t *psl; const psl_ctx_t *psl;
int is_acceptable; int is_acceptable;
@ -519,7 +531,21 @@ check_domain_match (const char *cookie_domain, const char *host)
goto no_psl; goto no_psl;
} }
is_acceptable = psl_is_cookie_domain_acceptable (psl, host, cookie_domain); if (psl_str_to_utf8lower (cookie_domain, NULL, NULL, &cookie_domain_lower) == PSL_SUCCESS &&
psl_str_to_utf8lower (host, NULL, NULL, &host_lower) == PSL_SUCCESS)
{
is_acceptable = psl_is_cookie_domain_acceptable (psl, host_lower, cookie_domain_lower);
}
else
{
DEBUGP (("libpsl unable to parse domain name. "
"Falling back to simple heuristics.\n"));
goto no_psl;
}
xfree (cookie_domain_lower);
xfree (host_lower);
return true ? (is_acceptable == 1) : false; return true ? (is_acceptable == 1) : false;
no_psl: no_psl: