← Back to branch summary

~ubuntu-branches/ubuntu/utopic/curl/utopic-updates

« back to all changes in this revision

Viewing changes to tests/data/test31

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-09-11 08:15:47 UTC
  • Revision ID: package-import@ubuntu.com-20140911081547-kvwvsrk4yadi7ghl
Tags: 7.37.1-1ubuntu2
* SECURITY UPDATE: incorrect cookie handling via partial literal IP
  addresses
  - debian/patches/CVE-2014-3613.patch: only use full host matches for
    hosts used as IP address in lib/cookie.c, added tests to
    tests/data/test1105, tests/data/test31, tests/data/test8.
  - CVE-2014-3613
* SECURITY UPDATE: incorrect cookie handling for TLDs
  - debian/patches/CVE-2014-3620.patch: reject incoming cookies set for
    TLDs in lib/cookie.c, added test to tests/data/test61.
  - CVE-2014-3620

Show diffs side-by-side

added added

removed removed

Lines of Context:
tests/data/test31
51
51
Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030
52
52
Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030
53
53
Set-Cookie: magic=yessir; path=/silly/; HttpOnly
54
 
Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad;
 
54
Set-Cookie: blexp=yesyes; domain=127.0.0.1; domain=127.0.0.1; expiry=totally bad;
 
55
Set-Cookie: partialip=nono; domain=.0.0.1;
55
56
 
56
57
boo
57
58
</data>
95
96
# http://curl.haxx.se/docs/http-cookies.html
96
97
# This file was generated by libcurl! Edit at your own risk.
97
98
 
98
 
.127.0.0.1      TRUE    /silly/ FALSE   0       ismatch this
99
 
.127.0.0.1      TRUE    /overwrite      FALSE   0       overwrite       this2
100
 
.127.0.0.1      TRUE    /secure1/       TRUE    0       sec1value       secure1
101
 
.127.0.0.1      TRUE    /secure2/       TRUE    0       sec2value       secure2
102
 
.127.0.0.1      TRUE    /secure3/       TRUE    0       sec3value       secure3
103
 
.127.0.0.1      TRUE    /secure4/       TRUE    0       sec4value       secure4
104
 
.127.0.0.1      TRUE    /secure5/       TRUE    0       sec5value       secure5
105
 
.127.0.0.1      TRUE    /secure6/       TRUE    0       sec6value       secure6
106
 
.127.0.0.1      TRUE    /secure7/       TRUE    0       sec7value       secure7
107
 
.127.0.0.1      TRUE    /secure8/       TRUE    0       sec8value       secure8
108
 
.127.0.0.1      TRUE    /secure9/       TRUE    0       secure  very1
109
 
#HttpOnly_.127.0.0.1    TRUE    /p1/    FALSE   0       httpo1  value1
110
 
#HttpOnly_.127.0.0.1    TRUE    /p2/    FALSE   0       httpo2  value2
111
 
#HttpOnly_.127.0.0.1    TRUE    /p3/    FALSE   0       httpo3  value3
112
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    FALSE   0       httpo4  value4
113
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    FALSE   0       httponly        myvalue1
114
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec      myvalue2
115
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec2     myvalue3
116
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec3     myvalue4
117
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec4     myvalue5
118
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec5     myvalue6
119
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec6     myvalue7
120
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec7     myvalue8
121
 
#HttpOnly_.127.0.0.1    TRUE    /p4/    TRUE    0       httpandsec8     myvalue9
122
 
.127.0.0.1      TRUE    /       FALSE   0       partmatch       present
 
99
127.0.0.1       FALSE   /silly/ FALSE   0       ismatch this
 
100
127.0.0.1       FALSE   /overwrite      FALSE   0       overwrite       this2
 
101
127.0.0.1       FALSE   /secure1/       TRUE    0       sec1value       secure1
 
102
127.0.0.1       FALSE   /secure2/       TRUE    0       sec2value       secure2
 
103
127.0.0.1       FALSE   /secure3/       TRUE    0       sec3value       secure3
 
104
127.0.0.1       FALSE   /secure4/       TRUE    0       sec4value       secure4
 
105
127.0.0.1       FALSE   /secure5/       TRUE    0       sec5value       secure5
 
106
127.0.0.1       FALSE   /secure6/       TRUE    0       sec6value       secure6
 
107
127.0.0.1       FALSE   /secure7/       TRUE    0       sec7value       secure7
 
108
127.0.0.1       FALSE   /secure8/       TRUE    0       sec8value       secure8
 
109
127.0.0.1       FALSE   /secure9/       TRUE    0       secure  very1
 
110
#HttpOnly_127.0.0.1     FALSE   /p1/    FALSE   0       httpo1  value1
 
111
#HttpOnly_127.0.0.1     FALSE   /p2/    FALSE   0       httpo2  value2
 
112
#HttpOnly_127.0.0.1     FALSE   /p3/    FALSE   0       httpo3  value3
 
113
#HttpOnly_127.0.0.1     FALSE   /p4/    FALSE   0       httpo4  value4
 
114
#HttpOnly_127.0.0.1     FALSE   /p4/    FALSE   0       httponly        myvalue1
 
115
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec      myvalue2
 
116
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec2     myvalue3
 
117
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec3     myvalue4
 
118
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec4     myvalue5
 
119
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec5     myvalue6
 
120
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec6     myvalue7
 
121
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec7     myvalue8
 
122
#HttpOnly_127.0.0.1     FALSE   /p4/    TRUE    0       httpandsec8     myvalue9
 
123
127.0.0.1       FALSE   /       FALSE   0       partmatch       present
123
124
127.0.0.1       FALSE   /we/want/       FALSE   2054030187      nodomain        value
124
125
#HttpOnly_127.0.0.1     FALSE   /silly/ FALSE   0       magic   yessir
125
 
.0.0.1  TRUE    /we/want/       FALSE   0       blexp   yesyes
 
126
127.0.0.1       FALSE   /we/want/       FALSE   0       blexp   yesyes
126
127
</file>
127
128
</verify>
128
129
</testcase>