summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNew Tobin Paradigm <email@mattatobin.com>2018-04-16 08:31:05 -0400
committerGitHub <noreply@github.com>2018-04-16 08:31:05 -0400
commit4028f58ce7e9ed54327afc6e2a44f5092005dcda (patch)
treea6123133b2347a723ecf1f99260c0738a369a97e
parentc394a5f8710e9e83e8caa3f524aca4a80309b7cb (diff)
parentf138ec95d9d2c9faba019e52467beeed2a73b4f5 (diff)
downloadUXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar
UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.gz
UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.lz
UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.xz
UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.zip
Merge pull request #175 from janekptacijarabaci/url_parser_2
moebius#131: URL parser - stop preserving empty passwords
-rw-r--r--docshell/test/unit/test_nsDefaultURIFixup_search.js2
-rw-r--r--netwerk/base/nsStandardURL.cpp12
-rw-r--r--netwerk/test/unit/test_URIs.js2
-rw-r--r--netwerk/test/unit/test_standardurl.js20
4 files changed, 31 insertions, 5 deletions
diff --git a/docshell/test/unit/test_nsDefaultURIFixup_search.js b/docshell/test/unit/test_nsDefaultURIFixup_search.js
index c00b6a85f..c84452b5d 100644
--- a/docshell/test/unit/test_nsDefaultURIFixup_search.js
+++ b/docshell/test/unit/test_nsDefaultURIFixup_search.js
@@ -74,7 +74,7 @@ var data = [
},
{
wrong: 'user:@example.com:8080/this/is/a/test.html',
- fixed: 'http://user:@example.com:8080/this/is/a/test.html',
+ fixed: 'http://user@example.com:8080/this/is/a/test.html',
},
{
wrong: '//user:pass@example.com:8080/this/is/a/test.html',
diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp
index 983e938ca..21c4cf7fd 100644
--- a/netwerk/base/nsStandardURL.cpp
+++ b/netwerk/base/nsStandardURL.cpp
@@ -781,11 +781,13 @@ nsStandardURL::BuildNormalizedSpec(const char *spec)
i = AppendSegmentToBuf(buf, i, spec, username, mUsername,
&encUsername, useEncUsername, &diff);
ShiftFromPassword(diff);
- if (password.mLen >= 0) {
+ if (password.mLen > 0) {
buf[i++] = ':';
i = AppendSegmentToBuf(buf, i, spec, password, mPassword,
&encPassword, useEncPassword, &diff);
ShiftFromHost(diff);
+ } else {
+ mPassword.mLen = -1;
}
buf[i++] = '@';
}
@@ -1621,7 +1623,7 @@ nsStandardURL::SetUserPass(const nsACString &input)
usernameLen),
esc_Username | esc_AlwaysCopy,
buf, ignoredOut);
- if (passwordLen >= 0) {
+ if (passwordLen > 0) {
buf.Append(':');
passwordLen = encoder.EncodeSegmentCount(userpass.get(),
URLSegment(passwordPos,
@@ -1629,6 +1631,8 @@ nsStandardURL::SetUserPass(const nsACString &input)
esc_Password |
esc_AlwaysCopy, buf,
ignoredOut);
+ } else {
+ passwordLen = -1;
}
if (mUsername.mLen < 0)
buf.Append('@');
@@ -1659,8 +1663,10 @@ nsStandardURL::SetUserPass(const nsACString &input)
// update positions and lengths
mUsername.mLen = usernameLen;
mPassword.mLen = passwordLen;
- if (passwordLen)
+ if (passwordLen > 0) {
mPassword.mPos = mUsername.mPos + mUsername.mLen + 1;
+ }
+
return NS_OK;
}
diff --git a/netwerk/test/unit/test_URIs.js b/netwerk/test/unit/test_URIs.js
index 5bc7fe432..1cad7768f 100644
--- a/netwerk/test/unit/test_URIs.js
+++ b/netwerk/test/unit/test_URIs.js
@@ -109,7 +109,7 @@ var gTests = [
nsIURL: true, nsINestedURI: false },
{ spec: "ftp://foo:@ftp.mozilla.org:100/pub/mozilla.org/README",
scheme: "ftp",
- prePath: "ftp://foo:@ftp.mozilla.org:100",
+ prePath: "ftp://foo@ftp.mozilla.org:100",
port: 100,
username: "foo",
password: "",
diff --git a/netwerk/test/unit/test_standardurl.js b/netwerk/test/unit/test_standardurl.js
index c2b4dd365..4cc2f393e 100644
--- a/netwerk/test/unit/test_standardurl.js
+++ b/netwerk/test/unit/test_standardurl.js
@@ -472,3 +472,23 @@ add_test(function test_invalidHostChars() {
// hostname separators, so there is no way to set them and fail.
run_next_test();
});
+
+add_test(function test_emptyPassword() {
+ var url = stringToURL("http://a:@example.com");
+ do_check_eq(url.spec, "http://a@example.com/");
+ url.password = "pp";
+ do_check_eq(url.spec, "http://a:pp@example.com/");
+ url.password = "";
+ do_check_eq(url.spec, "http://a@example.com/");
+ url.userPass = "xxx:";
+ do_check_eq(url.spec, "http://xxx@example.com/");
+ url.password = "zzzz";
+ do_check_eq(url.spec, "http://xxx:zzzz@example.com/");
+ url.userPass = "xxxxx:yyyyyy";
+ do_check_eq(url.spec, "http://xxxxx:yyyyyy@example.com/");
+ url.userPass = "z:";
+ do_check_eq(url.spec, "http://z@example.com/");
+ url.password = "ppppppppppp";
+ do_check_eq(url.spec, "http://z:ppppppppppp@example.com/");
+ run_next_test();
+});