Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-esicookies
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-esicookies
Commits
492d8fb3
Commit
492d8fb3
authored
Dec 15, 2013
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
return EINVAL for invalid Set-/Cookie syntax
parent
2dfe3aff
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
224 additions
and
7 deletions
+224
-7
README.rst
README.rst
+2
-1
vmod_esicookies_corners.vtc
src/tests/vmod_esicookies_corners.vtc
+213
-0
vmod_esicookies.c
src/vmod_esicookies.c
+9
-6
No files found.
README.rst
View file @
492d8fb3
...
...
@@ -99,7 +99,8 @@ Possible return strings are:
* "Value too large for defined data type" or your current locale's
translation for ``EOVERFLOW``: too many cookies in use (see
limitations_)
* "Invalid argument" or your current locale's translation for
``EINVAL``: a Cookie or Set-Cookie header had an illegal syntax
* "new cookies: not even the header name fits"
* "new cookies dont fit": Cookies don't fit into the workspace of size
``HTTP0_WS_SIZE`` (see limitations_)
...
...
src/tests/vmod_esicookies_corners.vtc
0 → 100644
View file @
492d8fb3
varnishtest "vmod_esicookies corner cases"
server s1 {
# cookie with empty value from client
rxreq
expect req.url == "/includer1"
expect req.http.Cookie == "fromclient="
txresp -body {
<html>
Before include
<esi:include
src=
"/included1"
/>
After include
}
rxreq
expect req.url == "/included1"
expect req.http.Cookie == "fromclient="
txresp -body {
Included file
}
# cookie with name but no equals sign or value from client
rxreq
expect req.url == "/includer2"
expect req.http.Cookie == "fromclient"
txresp -body {
<html>
Before include
<esi:include
src=
"/included2"
/>
After include
}
rxreq
expect req.url == "/included2"
expect req.http.Cookie == "fromclient"
txresp -body {
Included file
}
# empty cookie header from client
rxreq
expect req.url == "/includer3"
expect req.http.Cookie == ""
txresp -body {
<html>
Before include
<esi:include
src=
"/included3"
/>
After include
}
rxreq
expect req.url == "/included3"
expect req.http.Cookie == ""
txresp -body {
Included file
}
# cookie with equals sign and value but no name from client
rxreq
expect req.url == "/includer4"
expect req.http.Cookie == "=1"
txresp -body {
<html>
Before include
<esi:include
src=
"/included4"
/>
After include
}
rxreq
expect req.url == "/included4"
expect req.http.Cookie == "=1"
txresp -body {
Included file
}
# cookie with empty value from response
rxreq
expect req.url == "/includer5"
expect req.http.Cookie == "fromclient=1"
txresp -hdr "Set-Cookie: fromresponse=" \
-body {
<html>
Before include
<esi:include
src=
"/included5"
/>
After include
}
rxreq
expect req.url == "/included5"
expect req.http.Cookie == "fromclient=1"
txresp -body {
Included file
}
# Set-Cookie response with name but no equals sign or value
rxreq
expect req.url == "/includer6"
expect req.http.Cookie == "fromclient=1"
txresp -hdr "Set-Cookie: fromresponse" \
-body {
<html>
Before include
<esi:include
src=
"/included6"
/>
After include
}
rxreq
expect req.url == "/included6"
expect req.http.Cookie == "fromclient=1"
txresp -body {
Included file
}
# empty Set-Cookie response
rxreq
expect req.url == "/includer7"
expect req.http.Cookie == "fromclient=1"
txresp -hdr "Set-Cookie:" \
-body {
<html>
Before include
<esi:include
src=
"/included7"
/>
After include
}
rxreq
expect req.url == "/included7"
expect req.http.Cookie == "fromclient=1"
txresp -body {
Included file
}
# Set-Cookie response with equals sign and value but no name
rxreq
expect req.url == "/includer8"
expect req.http.Cookie == "fromclient=1"
txresp -hdr "Set-Cookie: =1" \
-body {
<html>
Before include
<esi:include
src=
"/included8"
/>
After include
}
rxreq
expect req.url == "/included8"
expect req.http.Cookie == "fromclient=1"
txresp -body {
Included file
}
} -start
varnish v1 -vcl+backend {
import esicookies from "${vmod_topbuild}/src/.libs/libvmod_esicookies.so" ;
sub vcl_fetch {
set req.http.X-Err = esicookies.to_http0_e(beresp.http.Set-Cookie);
set beresp.do_esi = true;
}
sub vcl_deliver {
if (req.http.X-Err) {
set resp.http.X-Err = req.http.X-Err;
}
}
} -start
client c1 {
# cookie with empty value from client
txreq -url "/includer1" -hdr "Cookie: fromclient="
rxresp
expect resp.body == "\n
<html>
\n Before include\n \n Included file\n \n After include\n "
expect resp.bodylen == 149
expect resp.http.X-Err == "Invalid argument"
# cookie with name but no equals sign or value from client
txreq -url "/includer2" -hdr "Cookie: fromclient"
rxresp
expect resp.bodylen == 149
expect resp.http.X-Err == "Invalid argument"
# empty cookie header from client
txreq -url "/includer3" -hdr "Cookie:"
rxresp
expect resp.bodylen == 149
expect resp.http.X-Err == "Invalid argument"
# cookie with equals sign and value but no name from client
txreq -url "/includer4" -hdr "Cookie: =1"
rxresp
expect resp.bodylen == 149
expect resp.http.X-Err == "Invalid argument"
# Set-Cookie response with empty value
txreq -url "/includer5" -hdr "Cookie: fromclient=1"
rxresp
expect resp.bodylen == 149
expect resp.http.Set-Cookie == "fromresponse="
expect resp.http.X-Err == "Invalid argument"
# Set-Cookie response with name but no equals sign or value
txreq -url "/includer6" -hdr "Cookie: fromclient=1"
rxresp
expect resp.bodylen == 149
expect resp.http.Set-Cookie == "fromresponse"
expect resp.http.X-Err == "Invalid argument"
# empty Set-Cookie response
txreq -url "/includer7" -hdr "Cookie: fromclient=1"
rxresp
expect resp.bodylen == 149
expect resp.http.Set-Cookie == ""
expect resp.http.X-Err == "Invalid argument"
# Set-Cookie response with equals sign and value but no name
txreq -url "/includer8" -hdr "Cookie: fromclient=1"
rxresp
expect resp.bodylen == 149
expect resp.http.Set-Cookie == "=1"
expect resp.http.X-Err == "Invalid argument"
} -run
src/vmod_esicookies.c
View file @
492d8fb3
...
...
@@ -285,6 +285,8 @@ vesico_analyze_cookie_header(struct sess *sp, const txt hdr,
while
(
isspace
(
*
pp
))
pp
--
;
c
->
name
.
e
=
pp
+
1
;
if
(
c
->
name
.
b
>=
c
->
name
.
e
)
goto
cookie_invalid
;
p
++
;
while
(
isspace
(
*
p
))
...
...
@@ -297,7 +299,8 @@ vesico_analyze_cookie_header(struct sess *sp, const txt hdr,
while
(
isspace
(
*
pp
))
pp
--
;
pp
++
;
assert
(
pp
>
c
->
value
.
b
);
if
(
pp
<=
c
->
value
.
b
)
goto
cookie_invalid
;
c
->
value
.
e
=
pp
;
// skip forward to next cookie
...
...
@@ -309,7 +312,8 @@ vesico_analyze_cookie_header(struct sess *sp, const txt hdr,
while
(
isspace
(
*
pp
))
pp
--
;
pp
++
;
assert
(
pp
>
c
->
value
.
b
);
if
(
pp
<=
c
->
value
.
b
)
goto
cookie_invalid
;
c
->
value
.
e
=
pp
;
p
=
NULL
;
...
...
@@ -331,11 +335,10 @@ vesico_analyze_cookie_header(struct sess *sp, const txt hdr,
continue
;
cookie_invalid:
DSL
(
0x40000000
,
SLT_Debug
,
sp
->
fd
?
sp
->
fd
:
sp
->
id
,
"%s vmod_http0: invalid Cookie %s"
,
sp
->
fd
?
"fd"
:
"id"
,
c
->
name
.
b
);
WSP
(
sp
,
SLT_VCL_error
,
"vmod esicookies http0: invalid header '%s'"
,
hdr
.
b
);
cs
->
used
--
;
return
EINVAL
;
}
return
0
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment