diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2011-08-26 17:37:12 +1200 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2011-08-26 17:37:12 +1200 |
| commit | 8fbba59e8dbd75c4848b3e96ea931f40a7667dc9 (patch) | |
| tree | 7aa5e2d4c0a4e83c5d7a40fb41974caff0db4caa | |
| parent | 45f4768a5cc4e820d1b5d7d221e2974f6ddf390d (diff) | |
| download | mitmproxy-8fbba59e8dbd75c4848b3e96ea931f40a7667dc9.tar.gz mitmproxy-8fbba59e8dbd75c4848b3e96ea931f40a7667dc9.tar.bz2 mitmproxy-8fbba59e8dbd75c4848b3e96ea931f40a7667dc9.zip | |
Fix a problem with sticky cookie domain matching.
Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
| -rw-r--r-- | libmproxy/flow.py | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/libmproxy/flow.py b/libmproxy/flow.py index c0130ec3..83d69753 100644 --- a/libmproxy/flow.py +++ b/libmproxy/flow.py @@ -759,6 +759,13 @@ class StickyCookieState: m["path"] or "/" ) + def domain_match(self, a, b): + if cookielib.domain_match(a, b): + return True + elif cookielib.domain_match(a, b.strip(".")): + return True + return False + def handle_response(self, f): for i in f.response.headers["set-cookie"]: # FIXME: We now know that Cookie.py screws up some cookies with @@ -766,22 +773,23 @@ class StickyCookieState: c = Cookie.SimpleCookie(str(i)) m = c.values()[0] k = self.ckey(m, f) - if cookielib.domain_match(f.request.host, k[0]): + if self.domain_match(f.request.host, k[0]): self.jar[self.ckey(m, f)] = m def handle_request(self, f): + l = [] if f.match(self.flt): for i in self.jar.keys(): match = [ - cookielib.domain_match(i[0], f.request.host), + self.domain_match(f.request.host, i[0]), f.request.port == i[1], f.request.path.startswith(i[2]) ] if all(match): - l = f.request.headers["cookie"] - f.request.stickycookie = True l.append(self.jar[i].output(header="").strip()) - f.request.headers["cookie"] = l + if l: + f.request.stickycookie = True + f.request.headers["cookie"] = l class StickyAuthState: |