bug 643051 - document.cookie should only allow setting one cookie at a time
authorChristian Biesinger <cbiesinger@gmail.com>
Mon, 11 Apr 2011 16:26:11 -0700
changeset 67865 61b822ac2d41e5182772d8fba33b04e99b1e47da
parent 67864 94874a2f3bb3e7e58159aebcfdb5bb5e2d091aaf
child 67866 8b0b0bc824c04a0a1ee35c263394656b6480c0da
push id1
push userroot
push dateTue, 26 Apr 2011 22:38:44 +0000
treeherdermozilla-beta@bfdb6e623a36 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs643051
milestone2.2a1pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 643051 - document.cookie should only allow setting one cookie at a time r=bz
content/base/test/test_CrossSiteXHR.html
content/html/content/test/Makefile.in
content/html/content/test/test_bug643051.html
netwerk/cookie/nsCookieService.cpp
netwerk/cookie/test/unit/test_bug643051.js
--- a/content/base/test/test_CrossSiteXHR.html
+++ b/content/base/test/test_CrossSiteXHR.html
@@ -837,16 +837,21 @@ function runTest() {
       is(res.events.join(","),
          "opening,rs1,sending,rs1,loadstart,rs2,rs4,error,loadend",
          "wrong events in test for " + test.toSource());
       is(res.progressEvents, 0,
          "wrong events in test for " + test.toSource());
     }
   }
 
+  // Make sure to clear cookies to avoid affecting other tests
+  document.cookie = "a=; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT"
+  is(document.cookie, "", "No cookies should be left over");
+
+
   // Test redirects
   is(loader.src, "http://example.org/tests/content/base/test/file_CrossSiteXHR_inner.html");
   is(origin, "http://example.org");
 
   tests = [{ pass: 1,
              method: "GET",
              hops: [{ server: "http://example.com",
                       allowOrigin: origin
--- a/content/html/content/test/Makefile.in
+++ b/content/html/content/test/Makefile.in
@@ -255,12 +255,13 @@ include $(topsrcdir)/config/rules.mk
 		test_bug619278.html \
 		test_bug622558.html \
 		test_bug622597.html \
 		test_bug636336.html \
 		test_bug630889.html \
 		test_bug610212.html \
 		test_bug633058.html \
 		test_bug641219.html \
+		test_bug643051.html \
 		$(NULL)
 
 libs:: $(_TEST_FILES)
 	$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir)
new file mode 100644
--- /dev/null
+++ b/content/html/content/test/test_bug643051.html
@@ -0,0 +1,43 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=643051
+-->
+<head>
+  <title>Test for Bug 643051</title>
+  <script type="application/javascript" src="/MochiKit/packed.js"></script>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=643051">Mozilla Bug 643051</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script type="application/javascript">
+
+/** Test for Bug 643051 **/
+document.cookie = "a=; expires=Thu, 01-Jan-1970 00:00:01 GMT";  // clear cookie
+document.cookie = "a2=; expires=Thu, 01-Jan-1970 00:00:01 GMT";  // clear cookie
+document.cookie = "a3=; expires=Thu, 01-Jan-1970 00:00:01 GMT";  // clear cookie
+
+// single cookie, should work
+document.cookie = "a=bar";
+is(document.cookie, "a=bar", "Can't read stored cookie!");
+
+document.cookie = "a2=bar\na3=bar";
+is(document.cookie, "a=bar; a2=bar", "Wrong cookie value");
+
+document.cookie = "a2=baz; a3=bar";
+is(document.cookie, "a=bar; a2=baz", "Wrong cookie value");
+
+// clear cookies again to avoid affecting other tests
+document.cookie = "a=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
+document.cookie = "a2=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
+document.cookie = "a3=; expires=Thu, 01-Jan-1970 00:00:01 GMT";
+</script>
+</pre>
+</body>
+</html>
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -1545,17 +1545,21 @@ nsCookieService::SetCookieStringInternal
     serverTime = tempServerTime / PR_USEC_PER_SEC;
   } else {
     serverTime = PR_Now() / PR_USEC_PER_SEC;
   }
 
   // process each cookie in the header
   nsDependentCString cookieHeader(aCookieHeader);
   while (SetCookieInternal(aHostURI, baseDomain, requireHostMatch,
-                           cookieStatus, cookieHeader, serverTime, aFromHttp));
+                           cookieStatus, cookieHeader, serverTime, aFromHttp)) {
+    // document.cookie can only set one cookie at a time
+    if (!aFromHttp)
+      break;
+  }
 }
 
 // notify observers that a cookie was rejected due to the users' prefs.
 void
 nsCookieService::NotifyRejected(nsIURI *aHostURI)
 {
   if (mObserverService)
     mObserverService->NotifyObservers(aHostURI, "cookie-rejected", nsnull);
new file mode 100644
--- /dev/null
+++ b/netwerk/cookie/test/unit/test_bug643051.js
@@ -0,0 +1,25 @@
+const Cc = Components.classes;
+const Ci = Components.interfaces;
+
+Components.utils.import("resource://gre/modules/NetUtil.jsm");
+
+function run_test() {
+  let cs = Cc["@mozilla.org/cookieService;1"].getService(Ci.nsICookieService);
+
+  let uri = NetUtil.newURI("http://example.org/");
+
+  let set = "foo=bar\nbaz=foo";
+  let expected = "foo=bar; baz=foo";
+  cs.setCookieStringFromHttp(uri, null, null, set, null, null);
+
+  let actual = cs.getCookieStringFromHttp(uri, null, null);
+  do_check_eq(actual, expected);
+
+  uri = NetUtil.newURI("http://example.com/");
+  cs.setCookieString(uri, null, set, null);
+
+  expected = "foo=bar";
+  actual = cs.getCookieString(uri, null, null);
+  do_check_eq(actual, expected);
+}
+