diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2015-09-28 14:55:13 +0200 |
|---|---|---|
| committer | Maximilian Hils <git@maximilianhils.com> | 2015-09-28 14:55:13 +0200 |
| commit | c6811bd0e854a91bc0c3f9cda676818bd5c76a5c (patch) | |
| tree | 90ec995638ef16cab9e715bc060c22ffbe821715 | |
| parent | 86ef19b450ec25d420db8ac28ddfa6f4bd1c9a08 (diff) | |
| download | mitmproxy-c6811bd0e854a91bc0c3f9cda676818bd5c76a5c.tar.gz mitmproxy-c6811bd0e854a91bc0c3f9cda676818bd5c76a5c.tar.bz2 mitmproxy-c6811bd0e854a91bc0c3f9cda676818bd5c76a5c.zip | |
fix #773
| -rw-r--r-- | libmproxy/models/http.py | 18 | ||||
| -rw-r--r-- | test/test_flow.py | 5 |
2 files changed, 19 insertions, 4 deletions
diff --git a/libmproxy/models/http.py b/libmproxy/models/http.py index 30863170..dfa3a824 100644 --- a/libmproxy/models/http.py +++ b/libmproxy/models/http.py @@ -354,7 +354,10 @@ class HTTPResponse(MessageMixin, Response): Takes a cookie string c and a time delta in seconds, and returns a refreshed cookie string. """ - c = Cookie.SimpleCookie(str(c)) + try: + c = Cookie.SimpleCookie(str(c)) + except Cookie.CookieError: + raise ValueError("Invalid Cookie") for i in c.values(): if "expires" in i: d = parsedate_tz(i["expires"]) @@ -369,7 +372,10 @@ class HTTPResponse(MessageMixin, Response): # appear to parse this tolerantly - maybe we should too. # For now, we just ignore this. del i["expires"] - return c.output(header="").strip() + ret = c.output(header="").strip() + if not ret: + raise ValueError("Invalid Cookie") + return ret def refresh(self, now=None): """ @@ -394,8 +400,12 @@ class HTTPResponse(MessageMixin, Response): new = mktime_tz(d) + delta self.headers[i] = formatdate(new) c = [] - for i in self.headers.get_all("set-cookie"): - c.append(self._refresh_cookie(i, delta)) + for set_cookie_header in self.headers.get_all("set-cookie"): + try: + refreshed = self._refresh_cookie(set_cookie_header, delta) + except ValueError: + refreshed = set_cookie_header + c.append(refreshed) if c: self.headers.set_all("set-cookie", c) diff --git a/test/test_flow.py b/test/test_flow.py index 1d5cc354..d052a8e8 100644 --- a/test/test_flow.py +++ b/test/test_flow.py @@ -1155,6 +1155,11 @@ class TestResponse: c = "MOO=BAR; Expires=Tue, 08-Mar-2011 00:20:38 GMT; Path=foo.com; Secure" assert "00:21:38" in r._refresh_cookie(c, 60) + # https://github.com/mitmproxy/mitmproxy/issues/773 + c = ">=A" + with tutils.raises(ValueError): + r._refresh_cookie(c, 60) + def test_replace(self): r = HTTPResponse.wrap(netlib.tutils.tresp()) r.headers["Foo"] = "fOo" |