From fadb6fd4e2c62a476b45c45e2d48165ff3f5145b Mon Sep 17 00:00:00 2001 From: "morse%netscape.com" Date: Tue, 29 Jun 1999 22:34:48 +0000 Subject: [PATCH] fix bug 8743 --- extensions/cookie/nsCookie.cpp | 14 ++++++++++++++ network/main/mkprefs.h | 1 + network/protocol/http/nsCookie.cpp | 13 +++++++++++++ 3 files changed, 28 insertions(+) diff --git a/extensions/cookie/nsCookie.cpp b/extensions/cookie/nsCookie.cpp index 8828e259039..f01d11fc076 100644 --- a/extensions/cookie/nsCookie.cpp +++ b/extensions/cookie/nsCookie.cpp @@ -75,6 +75,7 @@ static NS_DEFINE_CID(kFileLocatorCID, NS_FILELOCATOR_CID); #define pref_cookieBehavior "network.cookie.cookieBehavior" #define pref_warnAboutCookies "network.cookie.warnAboutCookies" #define pref_scriptName "network.cookie.filterName" +#define pref_strictCookieDomains "network.cookie.strictDomains" #define DEF_COOKIE_BEHAVIOR 0 @@ -1156,6 +1157,7 @@ net_IntSetCookieString(char * cur_url, PRBool HG83744 is_domain=FALSE, accept=FALSE; // MWContextType type; Bool bCookieAdded; + PRBool pref_scd = PR_FALSE; /* Only allow cookies to be set in the listed contexts. We * don't want cookies being set in html mail. @@ -1314,6 +1316,17 @@ net_IntSetCookieString(char * cur_url, * cookies for the entire .co.nz domain. */ +/* + * Although this is the right thing to do(tm), it breaks too many sites. + * So only do it if the restrictCookieDomains pref is TRUE. + * + */ + if ( PREF_GetBoolPref(pref_strictCookieDomains, &pref_scd) < 0 ) { + pref_scd = PR_FALSE; + } + + if ( pref_scd == PR_TRUE ) { + cur_host[cur_host_length-domain_length] = '\0'; dot = XP_STRCHR(cur_host, '.'); cur_host[cur_host_length-domain_length] = '.'; @@ -1327,6 +1340,7 @@ net_IntSetCookieString(char * cur_url, net_UndeferCookies(); return; } + } /* all tests passed, copy in domain to hostname field */ diff --git a/network/main/mkprefs.h b/network/main/mkprefs.h index f11d5600087..c93c43ef82c 100644 --- a/network/main/mkprefs.h +++ b/network/main/mkprefs.h @@ -47,6 +47,7 @@ #define pref_mailQuotedStyle "mail.quoted_style" #define pref_cookieBehavior "network.cookie.cookieBehavior" #define pref_warnAboutCookies "network.cookie.warnAboutCookies" +#define pref_strictCookieDomains "network.cookie.strictDomains" #define pref_scriptName "network.cookie.filterName" #define pref_goBrowsingEnabled "browser.goBrowsing.enabled" #define pref_sendRefererHeader "network.sendRefererHeader" diff --git a/network/protocol/http/nsCookie.cpp b/network/protocol/http/nsCookie.cpp index 9804bd0dc6e..0b1d99d6b9a 100644 --- a/network/protocol/http/nsCookie.cpp +++ b/network/protocol/http/nsCookie.cpp @@ -1144,6 +1144,7 @@ net_IntSetCookieString(MWContext * context, PRBool HG83744 is_domain=FALSE, accept=FALSE; MWContextType type; Bool bCookieAdded; + PRBool pref_scd = PR_FALSE; if(!context) { PR_Free(cur_path); @@ -1307,6 +1308,17 @@ net_IntSetCookieString(MWContext * context, * cookies for the entire .co.nz domain. */ +/* + * Although this is the right thing to do(tm), it breaks too many sites. + * So only do it if the restrictCookieDomains pref is TRUE. + * + */ + if ( PREF_GetBoolPref(pref_strictCookieDomains, &pref_scd) < 0 ) { + pref_scd = PR_FALSE; + } + + if ( pref_scd == PR_TRUE ) { + cur_host[cur_host_length-domain_length] = '\0'; dot = XP_STRCHR(cur_host, '.'); cur_host[cur_host_length-domain_length] = '.'; @@ -1320,6 +1332,7 @@ net_IntSetCookieString(MWContext * context, net_UndeferCookies(); return; } + } /* all tests passed, copy in domain to hostname field */