Re: [NSE] http library cookie bug

[Patrik Karlsson <patrik () cqure net>]

On Mar 15, 2011, at 21:18 , John Bond wrote:

> On 15 March 2011 20:33, Patrik Karlsson <patrik () cqure net> wrote:
> > Hi,
> >
> > I think I ran into a bug when testing some code that handles cookies.
> > As far as I can understand from RFC 2109 "Attributes (names) (attr) are case-insensitive."
> >
> > When the http-library parses the cookie, each name value pair is processed and a table field is dynamically created 
> > using the following code:
> > cookie[name] = value
> >
> > I'm testing against two different servers. One returns the cookie path value all lowercase and the second using a 
> > leading capital P.
> > I think it would make more sense if the cookie attributes were always stored using lowercase table field names.
> > So I propose the following patch:
> >
> > - cookie[name] = value
> > + cookie[name:lower()] = value
>
> Im not familiar with the specifics of the cookie rfc's however in http
> 1.1 paths should be considered case-sensitive[1] so i suspect it is
> the same for the path part of the http cookie

In this case, it's not actually the path value but the attribute name.
So consider the following examples:

Set-Cookie: A=B; path=/; domain=.foo.com
Set-Cookie: A=B; Path=/; domain=.foo.com

In the first example the path attribute would be accessible from the cookie table like this: cookie.path
While in the second example, you would need to do the following: cookie.Path

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/