From f612bec0052866cbb090e6c68a84ec34a7d0f957 Mon Sep 17 00:00:00 2001 From: Matthew Jordan Date: Sun, 21 Jul 2013 03:09:16 +0000 Subject: [PATCH] Tolerate presence of RFC2965 Cookie2 header by ignoring it This patch modifies parsing of cookies in Asterisk's http server by doing an explicit comparison of the "Cookie" header instead of looking at the first 6 characters to determine if the header is a cookie header. This avoids parsing "Cookie2" headers and overwriting the previously parsed "Cookie" header. Note that we probably should be appending the cookies in each "Cookie" header to the parsed results; however, while clients can send multiple cookie headers they never really do. While this patch doesn't improve Asterisk's behavior in that regard, it shouldn't make it any worse either. Note that the solution in this patch was pointed out on the issue by the issue reporter, Stuart Henderson. (closes issue ASTERISK-21789) Reported by: Stuart Henderson Tested by: mjordan, Stuart Henderson git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@394899 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- main/http.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main/http.c b/main/http.c index e22468fcf3..0a6399d189 100644 --- a/main/http.c +++ b/main/http.c @@ -685,7 +685,7 @@ struct ast_variable *ast_http_get_post_vars( prev = v; } } - + done: ast_free(buf); return post_vars; @@ -862,7 +862,7 @@ struct ast_variable *ast_http_get_cookies(struct ast_variable *headers) struct ast_variable *v, *cookies=NULL; for (v = headers; v; v = v->next) { - if (!strncasecmp(v->name, "Cookie", 6)) { + if (!strcasecmp(v->name, "Cookie")) { char *tmp = ast_strdupa(v->value); if (cookies) { ast_variables_destroy(cookies);