generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

test1218: another cookie tailmatch test

Browse Source 
... and make 1216 also verify it with a file input

These tests verify commit 3604fde3d3c9b0d, the fix for the "cookie
domain tailmatch" vulnerability. See
http://curl.haxx.se/docs/adv_20130412.html
This commit is contained in:
Daniel Stenberg
2013-04-10 13:40:36 +02:00
parent 2eb8dcf26c
commit 5c5e1a1cd2
3 changed files with 64 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/data/test1216
View File

@@ -37,6 +37,7 @@ http://example.fake/c/1216 http://bexample.fake/c/1216 -b log/injar1216 -x %HOST
example.fake FALSE /a FALSE 2139150993 mooo indeed
example.fake FALSE /b FALSE 0 moo1 indeed
example.fake FALSE /c FALSE 2139150993 moo2 indeed
example.fake TRUE /c FALSE 2139150993 moo3 indeed
</file>
</client>
@@ -50,7 +51,7 @@ GET http://example.fake/c/1216 HTTP/1.1
Host: example.fake
Accept: */*
Proxy-Connection: Keep-Alive
Cookie: moo2=indeed
Cookie: moo2=indeed; moo3=indeed
GET http://bexample.fake/c/1216 HTTP/1.1
Host: bexample.fake