diff options
author | Nicolas George <george@nsup.org> | 2014-08-17 14:09:45 +0200 |
---|---|---|
committer | Nicolas George <george@nsup.org> | 2014-08-17 20:07:27 +0200 |
commit | 481cbc5ad578bbde804464487add074e8c7d1e76 (patch) | |
tree | 7e47b6e6b438e20fb70efbb3207163c9d104e6f3 /libavformat | |
parent | 94f60b65446b37132d7bd644ab2c4627d9488295 (diff) | |
download | ffmpeg-481cbc5ad578bbde804464487add074e8c7d1e76.tar.gz |
lavf/http: fix cookie parsing.
The current code would use any unknown attribute-value pair
as the cookie value.
RFC 6265 states that the first key-value pair is the actual
cookie, and the attribute-value pairs only start after.
With the current code:
Set-Cookie: test=good_value; path=/; dummy=42
gives this:
Cookie: dummy=42
instead of this with the new code:
Cookie: test=good_value
Diffstat (limited to 'libavformat')
-rw-r--r-- | libavformat/http.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/libavformat/http.c b/libavformat/http.c index 7480834ec3..bd67645e46 100644 --- a/libavformat/http.c +++ b/libavformat/http.c @@ -565,8 +565,11 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path, set_cookies = NULL; while ((param = av_strtok(cookie, "; ", &next_param))) { - cookie = NULL; - if (!av_strncasecmp("path=", param, 5)) { + if (cookie) { + // first key-value pair is the actual cookie value + cvalue = av_strdup(param); + cookie = NULL; + } else if (!av_strncasecmp("path=", param, 5)) { av_free(cpath); cpath = av_strdup(¶m[5]); } else if (!av_strncasecmp("domain=", param, 7)) { @@ -581,8 +584,7 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path, !av_strncasecmp("version", param, 7)) { // ignore Comment, Max-Age, Secure and Version } else { - av_free(cvalue); - cvalue = av_strdup(param); + // ignore unknown attributes } } if (!cdomain) |