Zend Framework

The cookie path has some problem in Zend_Http_CookieJar

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.0.0 RC3
  • Fix Version/s: 1.9.0
  • Component/s: Zend_Http_CookieJar
  • Labels:
    None

Description

If using $path="/a/b/",the cookie which exsits in the path "/a/b/" will be filtered.
for example:

<?php
        require_once('Zend/Http/Client.php');
        require_once('Zend/Http/CookieJar.php');

        $params=array('continue'=>'https://www.google.com:443/a/yourdomain.com/Dashboard',
 			'service'=>'CPanel',
 			'persistent'=>'true',
 			'at'=>'null',
 			'userName'=>'admin',
 			'password'=>'****'			
 				);
        $client=new Zend_Http_Client();
        $client->setCookieJar();
 
        $client->setUri('https://www.google.com/a/yourdomain.com/LoginAction');
        $client->setParameterPost($params);
        $client->request('POST');

The example can not send correct Cookie.The cookie in path of "a/yourdomain.com/LoginAction/" will be lost.
if i fixed Zend_Http_Cookiejar using this codes as follows:

protected function _matchPath($domains, $path) {
        $ret = array();
        
        foreach ($domains as $dom => $paths_array) {
            foreach (array_keys($paths_array) as $cpath) {
                $regex = "|^" . preg_quote($cpath, "|") . "|i";
                if (preg_match($regex, $path."/") {  //I changed the line
                    if (! isset($ret[$dom])) $ret[$dom] = array();
                    $ret[$dom][$cpath] = &$paths_array[$cpath];
                }
            }
        }
        
        return $ret;
    }

The example will return right result.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Bill Karwin added a comment -

Assigned to Shahar.

Show
Bill Karwin added a comment - Assigned to Shahar.
Hide
Permalink
Shahar Evron added a comment -

Thanks for the report - should be fixed in r. 5460 + unit tests added.

Show
Shahar Evron added a comment - Thanks for the report - should be fixed in r. 5460 + unit tests added.
Hide
Permalink
Anhui Lin added a comment -

Hello, Shahar Evron

The bug exist in the method of getCookie().

Show
Anhui Lin added a comment - Hello, Shahar Evron The bug exist in the method of getCookie().
Hide
Permalink
Shahar Evron added a comment -

HI,

Can you attach some reproduction code?

Show
Shahar Evron added a comment - HI, Can you attach some reproduction code?
Hide
Permalink
Anhui Lin added a comment -

Hi,
This is the code.

<?php
        require_once('Zend/Http/Client.php');
        require_once('Zend/Http/CookieJar.php');

        $params=array('continue'=>'https://www.google.com:443/a/yourdomain.com/Dashboard',
 			'service'=>'CPanel',
 			'persistent'=>'true',
 			'at'=>'null',
 			'userName'=>'admin',
 			'password'=>'****'			
 				);
        $client=new Zend_Http_Client();
        $client->setCookieJar();
 
        $client->setUri('https://www.google.com/a/yourdomain.com/LoginAction');
        $client->setParameterPost($params);
        $client->request('POST');

        $jar=$client->getCookieJar();
        $cpat=$jar->getCookie('https://www.google.com/a/cpanel/yourdomain.com/Dashboard','CP_AT');
        $at=$cpat->getValue();

The example will get wrong result.
But I changed the code as follows:

public function getCookie($uri, $cookie_name, $ret_as = self::COOKIE_OBJECT)
    {
        if (is_string($uri)) {
            $uri = Zend_Uri::factory($uri);
        }
        
        if (! $uri instanceof Zend_Uri_Http) {
            throw new Zend_Http_Exception('Invalid URI specified');
        }
        
        // Get correct cookie path
        $path = $uri->getPath();
        $path = substr($path, 0, strrpos($path, '/'))."/";//The line was changed
        if (! $path) $path = '/';
        
        if (isset($this->cookies[$uri->getHost()][$path][$cookie_name])) {
            $cookie = $this->cookies[$uri->getHost()][$path][$cookie_name];
            
            switch ($ret_as) {
                case self::COOKIE_OBJECT:
                    return $cookie;
                    break;
                    
                case self::COOKIE_STRING_ARRAY:
                case self::COOKIE_STRING_CONCAT:
                    return $cookie->__toString();
                    break;
                    
                default:
                    throw new Zend_Http_Exception("Invalid value passed for \$ret_as: {$ret_as}");
                    break;
            }
        } else {
            return false;
        }
    }

The result will be right.
Can you give me Email?Thanks!

Show
Anhui Lin added a comment - Hi, This is the code. 
<?php
        require_once('Zend/Http/Client.php');
        require_once('Zend/Http/CookieJar.php');

        $params=array('continue'=>'https://www.google.com:443/a/yourdomain.com/Dashboard',
 			'service'=>'CPanel',
 			'persistent'=>'true',
 			'at'=>'null',
 			'userName'=>'admin',
 			'password'=>'****'			
 				);
        $client=new Zend_Http_Client();
        $client->setCookieJar();
 
        $client->setUri('https://www.google.com/a/yourdomain.com/LoginAction');
        $client->setParameterPost($params);
        $client->request('POST');

        $jar=$client->getCookieJar();
        $cpat=$jar->getCookie('https://www.google.com/a/cpanel/yourdomain.com/Dashboard','CP_AT');
        $at=$cpat->getValue();
The example will get wrong result. But I changed the code as follows: 
public function getCookie($uri, $cookie_name, $ret_as = self::COOKIE_OBJECT)
    {
        if (is_string($uri)) {
            $uri = Zend_Uri::factory($uri);
        }
        
        if (! $uri instanceof Zend_Uri_Http) {
            throw new Zend_Http_Exception('Invalid URI specified');
        }
        
        // Get correct cookie path
        $path = $uri->getPath();
        $path = substr($path, 0, strrpos($path, '/'))."/";//The line was changed
        if (! $path) $path = '/';
        
        if (isset($this->cookies[$uri->getHost()][$path][$cookie_name])) {
            $cookie = $this->cookies[$uri->getHost()][$path][$cookie_name];
            
            switch ($ret_as) {
                case self::COOKIE_OBJECT:
                    return $cookie;
                    break;
                    
                case self::COOKIE_STRING_ARRAY:
                case self::COOKIE_STRING_CONCAT:
                    return $cookie->__toString();
                    break;
                    
                default:
                    throw new Zend_Http_Exception("Invalid value passed for \$ret_as: {$ret_as}");
                    break;
            }
        } else {
            return false;
        }
    }
The result will be right. Can you give me Email?Thanks!
Hide
Permalink
Darby Felton added a comment -

Fix version after 1.0.1.

Show
Darby Felton added a comment - Fix version after 1.0.1.
Hide
Permalink
Shahar Evron added a comment -

Hallelujah - after 2 years, fixed in rev. 17079

Thanks!

Show
Shahar Evron added a comment - Hallelujah - after 2 years, fixed in rev. 17079 Thanks!
Hide
Permalink
Satoru Yoshida added a comment -

I set fix version. I find this at SVN r17118 in 1.9 branch.

Show
Satoru Yoshida added a comment - I set fix version. I find this at SVN r17118 in 1.9 branch.

People

Vote (1)
Watch (2)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Zend Framework. Try JIRA - bug tracking software for your team.