Don't store cookies with empty names

* lisp/url/url-cookie.el (url-cookie-store): Refuse to store cookies with empty names (bug#21936).
author: Lars Ingebrigtsen 2015-12-25 06:33:25 +0100
committer: Lars Ingebrigtsen 2015-12-25 06:33:25 +0100
commit: 9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c (patch)
tree: ad4a618132dc76d56411a9e5b2d73303e2d11bd9
parent: 248da292fe46224b0b5a79b632c89cf4de2c2081 (diff)
download: emacs-9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c.tar.gz
emacs-9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c.zip
1 files changed, 36 insertions, 35 deletions
diff --git a/lisp/url/url-cookie.el b/lisp/url/url-cookie.el
index df9cf621037..1f8ddfdb109 100644
--- a/lisp/url/url-cookie.el
+++ b/lisp/url/url-cookie.el
@@ -119,41 +119,42 @@ telling Microsoft that."
 (defun url-cookie-store (name value &optional expires domain localpart secure)
  "Store a cookie."
-  (let ((storage (if secure url-cookie-secure-storage url-cookie-storage))
+  (when (> (length name) 0)
-        tmp found-domain)
+    (let ((storage (if secure url-cookie-secure-storage url-cookie-storage))
-    ;; First, look for a matching domain.
+          tmp found-domain)
-    (if (setq found-domain (assoc domain storage))
+      ;; First, look for a matching domain.
-        ;; Need to either stick the new cookie in existing domain storage
+      (if (setq found-domain (assoc domain storage))
-        ;; or possibly replace an existing cookie if the names match.
+          ;; Need to either stick the new cookie in existing domain storage
-        (unless (dolist (cur (setq storage (cdr found-domain)) tmp)
+          ;; or possibly replace an existing cookie if the names match.
-                  (and (equal localpart (url-cookie-localpart cur))
+          (unless (dolist (cur (setq storage (cdr found-domain)) tmp)
-                       (equal name (url-cookie-name cur))
+                    (and (equal localpart (url-cookie-localpart cur))
-                       (progn
+                         (equal name (url-cookie-name cur))
-                         (setf (url-cookie-expires cur) expires)
+                         (progn
-                         (setf (url-cookie-value cur) value)
+                           (setf (url-cookie-expires cur) expires)
-                         (setq tmp t))))
+                           (setf (url-cookie-value cur) value)
-          ;; New cookie.
+                           (setq tmp t))))
-          (setcdr found-domain (cons
+            ;; New cookie.
-                                (url-cookie-create :name name
+            (setcdr found-domain (cons
-                                                   :value value
+                                  (url-cookie-create :name name
-                                                   :expires expires
+                                                     :value value
-                                                   :domain domain
+                                                     :expires expires
-                                                   :localpart localpart
+                                                     :domain domain
-                                                   :secure secure)
+                                                     :localpart localpart
-                                (cdr found-domain))))
+                                                     :secure secure)
-      ;; Need to add a new top-level domain.
+                                  (cdr found-domain))))
-      (setq tmp (url-cookie-create :name name
+        ;; Need to add a new top-level domain.
-                                   :value value
+        (setq tmp (url-cookie-create :name name
-                                   :expires expires
+                                     :value value
-                                   :domain domain
+                                     :expires expires
-                                   :localpart localpart
+                                     :domain domain
-                                   :secure secure))
+                                     :localpart localpart
-      (cond (storage
+                                     :secure secure))
-             (setcdr storage (cons (list domain tmp) (cdr storage))))
+        (cond (storage
-            (secure
+               (setcdr storage (cons (list domain tmp) (cdr storage))))
-             (setq url-cookie-secure-storage (list (list domain tmp))))
+              (secure
-            (t
+               (setq url-cookie-secure-storage (list (list domain tmp))))
-             (setq url-cookie-storage (list (list domain tmp))))))))
+              (t
+               (setq url-cookie-storage (list (list domain tmp)))))))))
 (defun url-cookie-expired-p (cookie)
  "Return non-nil if COOKIE is expired."
author	Lars Ingebrigtsen	2015-12-25 06:33:25 +0100
committer	Lars Ingebrigtsen	2015-12-25 06:33:25 +0100
commit	9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c (patch)
tree	ad4a618132dc76d56411a9e5b2d73303e2d11bd9
parent	248da292fe46224b0b5a79b632c89cf4de2c2081 (diff)
download	emacs-9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c.tar.gz emacs-9f0fd7cb1aec3eb9e2e0f7b8854c30870286d96c.zip

diff --git a/lisp/url/url-cookie.el b/lisp/url/url-cookie.el index df9cf621037..1f8ddfdb109 100644 --- a/lisp/url/url-cookie.el +++ b/lisp/url/url-cookie.el
@@ -119,41 +119,42 @@ telling Microsoft that."
119		119
120	(defun url-cookie-store (name value &optional expires domain localpart secure)	120	(defun url-cookie-store (name value &optional expires domain localpart secure)
121	"Store a cookie."	121	"Store a cookie."
122	(let ((storage (if secure url-cookie-secure-storage url-cookie-storage))	122	(when (> (length name) 0)
123	tmp found-domain)	123	(let ((storage (if secure url-cookie-secure-storage url-cookie-storage))
124	;; First, look for a matching domain.	124	tmp found-domain)
125	(if (setq found-domain (assoc domain storage))	125	;; First, look for a matching domain.
126	;; Need to either stick the new cookie in existing domain storage	126	(if (setq found-domain (assoc domain storage))
127	;; or possibly replace an existing cookie if the names match.	127	;; Need to either stick the new cookie in existing domain storage
128	(unless (dolist (cur (setq storage (cdr found-domain)) tmp)	128	;; or possibly replace an existing cookie if the names match.
129	(and (equal localpart (url-cookie-localpart cur))	129	(unless (dolist (cur (setq storage (cdr found-domain)) tmp)
130	(equal name (url-cookie-name cur))	130	(and (equal localpart (url-cookie-localpart cur))
131	(progn	131	(equal name (url-cookie-name cur))
132	(setf (url-cookie-expires cur) expires)	132	(progn
133	(setf (url-cookie-value cur) value)	133	(setf (url-cookie-expires cur) expires)
134	(setq tmp t))))	134	(setf (url-cookie-value cur) value)
135	;; New cookie.	135	(setq tmp t))))
136	(setcdr found-domain (cons	136	;; New cookie.
137	(url-cookie-create :name name	137	(setcdr found-domain (cons
138	:value value	138	(url-cookie-create :name name
139	:expires expires	139	:value value
140	:domain domain	140	:expires expires
141	:localpart localpart	141	:domain domain
142	:secure secure)	142	:localpart localpart
143	(cdr found-domain))))	143	:secure secure)
144	;; Need to add a new top-level domain.	144	(cdr found-domain))))
145	(setq tmp (url-cookie-create :name name	145	;; Need to add a new top-level domain.
146	:value value	146	(setq tmp (url-cookie-create :name name
147	:expires expires	147	:value value
148	:domain domain	148	:expires expires
149	:localpart localpart	149	:domain domain
150	:secure secure))	150	:localpart localpart
151	(cond (storage	151	:secure secure))
152	(setcdr storage (cons (list domain tmp) (cdr storage))))	152	(cond (storage
153	(secure	153	(setcdr storage (cons (list domain tmp) (cdr storage))))
154	(setq url-cookie-secure-storage (list (list domain tmp))))	154	(secure
155	(t	155	(setq url-cookie-secure-storage (list (list domain tmp))))
156	(setq url-cookie-storage (list (list domain tmp))))))))	156	(t
		157	(setq url-cookie-storage (list (list domain tmp)))))))))
157		158
158	(defun url-cookie-expired-p (cookie)	159	(defun url-cookie-expired-p (cookie)
159	"Return non-nil if COOKIE is expired."	160	"Return non-nil if COOKIE is expired."