aboutsummaryrefslogtreecommitdiffstats
path: root/libavformat
diff options
context:
space:
mode:
authorNicolas George <george@nsup.org>2014-08-17 14:09:45 +0200
committerNicolas George <george@nsup.org>2014-08-17 20:07:27 +0200
commit481cbc5ad578bbde804464487add074e8c7d1e76 (patch)
tree7e47b6e6b438e20fb70efbb3207163c9d104e6f3 /libavformat
parent94f60b65446b37132d7bd644ab2c4627d9488295 (diff)
downloadffmpeg-481cbc5ad578bbde804464487add074e8c7d1e76.tar.gz
lavf/http: fix cookie parsing.
The current code would use any unknown attribute-value pair as the cookie value. RFC 6265 states that the first key-value pair is the actual cookie, and the attribute-value pairs only start after. With the current code: Set-Cookie: test=good_value; path=/; dummy=42 gives this: Cookie: dummy=42 instead of this with the new code: Cookie: test=good_value
Diffstat (limited to 'libavformat')
-rw-r--r--libavformat/http.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/libavformat/http.c b/libavformat/http.c
index 7480834ec3..bd67645e46 100644
--- a/libavformat/http.c
+++ b/libavformat/http.c
@@ -565,8 +565,11 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path,
set_cookies = NULL;
while ((param = av_strtok(cookie, "; ", &next_param))) {
- cookie = NULL;
- if (!av_strncasecmp("path=", param, 5)) {
+ if (cookie) {
+ // first key-value pair is the actual cookie value
+ cvalue = av_strdup(param);
+ cookie = NULL;
+ } else if (!av_strncasecmp("path=", param, 5)) {
av_free(cpath);
cpath = av_strdup(&param[5]);
} else if (!av_strncasecmp("domain=", param, 7)) {
@@ -581,8 +584,7 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path,
!av_strncasecmp("version", param, 7)) {
// ignore Comment, Max-Age, Secure and Version
} else {
- av_free(cvalue);
- cvalue = av_strdup(param);
+ // ignore unknown attributes
}
}
if (!cdomain)