From 8fbba59e8dbd75c4848b3e96ea931f40a7667dc9 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 26 Aug 2011 17:37:12 +1200
Subject: Fix a problem with sticky cookie domain matching.

Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
---
 libmproxy/flow.py | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/libmproxy/flow.py b/libmproxy/flow.py
index c0130ec3..83d69753 100644
--- a/libmproxy/flow.py
+++ b/libmproxy/flow.py
@@ -759,6 +759,13 @@ class StickyCookieState:
             m["path"] or "/"
         )
 
+    def domain_match(self, a, b):
+        if cookielib.domain_match(a, b):
+            return True
+        elif cookielib.domain_match(a, b.strip(".")):
+            return True
+        return False
+
     def handle_response(self, f):
         for i in f.response.headers["set-cookie"]:
             # FIXME: We now know that Cookie.py screws up some cookies with
@@ -766,22 +773,23 @@ class StickyCookieState:
             c = Cookie.SimpleCookie(str(i))
             m = c.values()[0]
             k = self.ckey(m, f)
-            if cookielib.domain_match(f.request.host, k[0]):
+            if self.domain_match(f.request.host, k[0]):
                 self.jar[self.ckey(m, f)] = m
 
     def handle_request(self, f):
+        l = []
         if f.match(self.flt):
             for i in self.jar.keys():
                 match = [
-                    cookielib.domain_match(i[0], f.request.host),
+                    self.domain_match(f.request.host, i[0]),
                     f.request.port == i[1],
                     f.request.path.startswith(i[2])
                 ]
                 if all(match):
-                    l = f.request.headers["cookie"]
-                    f.request.stickycookie = True
                     l.append(self.jar[i].output(header="").strip())
-                    f.request.headers["cookie"] = l
+        if l:
+            f.request.stickycookie = True
+            f.request.headers["cookie"] = l
 
 
 class StickyAuthState:
-- 
cgit v1.2.3


From 4ac59a7859962f40fd7c7eb787664bda574cfed8 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 26 Aug 2011 18:03:03 +1200
Subject: Fix a rare crash in sticky cookies.

---
 libmproxy/flow.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libmproxy/flow.py b/libmproxy/flow.py
index 83d69753..c09352c2 100644
--- a/libmproxy/flow.py
+++ b/libmproxy/flow.py
@@ -1312,7 +1312,8 @@ class FlowMaster(controller.Master):
             self.client_playback.clear(f)
         if not f:
             r._ack()
-        self.process_new_response(f)
+        if f:
+            self.process_new_response(f)
         return f
 
     def shutdown(self):
-- 
cgit v1.2.3


From b635112d3613d47247ac22390786aaaffcd2a3fd Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 26 Aug 2011 19:01:33 +1200
Subject: Add an example script that turns all PNGs upside down.

---
 examples/upsidedownternet.py | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 examples/upsidedownternet.py

diff --git a/examples/upsidedownternet.py b/examples/upsidedownternet.py
new file mode 100644
index 00000000..28d34ca9
--- /dev/null
+++ b/examples/upsidedownternet.py
@@ -0,0 +1,9 @@
+import Image, cStringIO
+def response(context, flow):
+    if flow.response.headers["content-type"] == ["image/png"]:
+        s = cStringIO.StringIO(flow.response.content)
+        img = Image.open(s)
+        img = img.rotate(180)
+        s2 = cStringIO.StringIO()
+        img.save(s2, "png")
+        flow.response.content = s2.getvalue()
-- 
cgit v1.2.3