From c6811bd0e854a91bc0c3f9cda676818bd5c76a5c Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Mon, 28 Sep 2015 14:55:13 +0200 Subject: fix #773 --- libmproxy/models/http.py | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'libmproxy') diff --git a/libmproxy/models/http.py b/libmproxy/models/http.py index 30863170..dfa3a824 100644 --- a/libmproxy/models/http.py +++ b/libmproxy/models/http.py @@ -354,7 +354,10 @@ class HTTPResponse(MessageMixin, Response): Takes a cookie string c and a time delta in seconds, and returns a refreshed cookie string. """ - c = Cookie.SimpleCookie(str(c)) + try: + c = Cookie.SimpleCookie(str(c)) + except Cookie.CookieError: + raise ValueError("Invalid Cookie") for i in c.values(): if "expires" in i: d = parsedate_tz(i["expires"]) @@ -369,7 +372,10 @@ class HTTPResponse(MessageMixin, Response): # appear to parse this tolerantly - maybe we should too. # For now, we just ignore this. del i["expires"] - return c.output(header="").strip() + ret = c.output(header="").strip() + if not ret: + raise ValueError("Invalid Cookie") + return ret def refresh(self, now=None): """ @@ -394,8 +400,12 @@ class HTTPResponse(MessageMixin, Response): new = mktime_tz(d) + delta self.headers[i] = formatdate(new) c = [] - for i in self.headers.get_all("set-cookie"): - c.append(self._refresh_cookie(i, delta)) + for set_cookie_header in self.headers.get_all("set-cookie"): + try: + refreshed = self._refresh_cookie(set_cookie_header, delta) + except ValueError: + refreshed = set_cookie_header + c.append(refreshed) if c: self.headers.set_all("set-cookie", c) -- cgit v1.2.3