diff options
author | New Tobin Paradigm <email@mattatobin.com> | 2018-04-16 08:31:05 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-16 08:31:05 -0400 |
commit | 4028f58ce7e9ed54327afc6e2a44f5092005dcda (patch) | |
tree | a6123133b2347a723ecf1f99260c0738a369a97e | |
parent | c394a5f8710e9e83e8caa3f524aca4a80309b7cb (diff) | |
parent | f138ec95d9d2c9faba019e52467beeed2a73b4f5 (diff) | |
download | UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.gz UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.lz UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.tar.xz UXP-4028f58ce7e9ed54327afc6e2a44f5092005dcda.zip |
Merge pull request #175 from janekptacijarabaci/url_parser_2
moebius#131: URL parser - stop preserving empty passwords
-rw-r--r-- | docshell/test/unit/test_nsDefaultURIFixup_search.js | 2 | ||||
-rw-r--r-- | netwerk/base/nsStandardURL.cpp | 12 | ||||
-rw-r--r-- | netwerk/test/unit/test_URIs.js | 2 | ||||
-rw-r--r-- | netwerk/test/unit/test_standardurl.js | 20 |
4 files changed, 31 insertions, 5 deletions
diff --git a/docshell/test/unit/test_nsDefaultURIFixup_search.js b/docshell/test/unit/test_nsDefaultURIFixup_search.js index c00b6a85f..c84452b5d 100644 --- a/docshell/test/unit/test_nsDefaultURIFixup_search.js +++ b/docshell/test/unit/test_nsDefaultURIFixup_search.js @@ -74,7 +74,7 @@ var data = [ }, { wrong: 'user:@example.com:8080/this/is/a/test.html', - fixed: 'http://user:@example.com:8080/this/is/a/test.html', + fixed: 'http://user@example.com:8080/this/is/a/test.html', }, { wrong: '//user:pass@example.com:8080/this/is/a/test.html', diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp index 983e938ca..21c4cf7fd 100644 --- a/netwerk/base/nsStandardURL.cpp +++ b/netwerk/base/nsStandardURL.cpp @@ -781,11 +781,13 @@ nsStandardURL::BuildNormalizedSpec(const char *spec) i = AppendSegmentToBuf(buf, i, spec, username, mUsername, &encUsername, useEncUsername, &diff); ShiftFromPassword(diff); - if (password.mLen >= 0) { + if (password.mLen > 0) { buf[i++] = ':'; i = AppendSegmentToBuf(buf, i, spec, password, mPassword, &encPassword, useEncPassword, &diff); ShiftFromHost(diff); + } else { + mPassword.mLen = -1; } buf[i++] = '@'; } @@ -1621,7 +1623,7 @@ nsStandardURL::SetUserPass(const nsACString &input) usernameLen), esc_Username | esc_AlwaysCopy, buf, ignoredOut); - if (passwordLen >= 0) { + if (passwordLen > 0) { buf.Append(':'); passwordLen = encoder.EncodeSegmentCount(userpass.get(), URLSegment(passwordPos, @@ -1629,6 +1631,8 @@ nsStandardURL::SetUserPass(const nsACString &input) esc_Password | esc_AlwaysCopy, buf, ignoredOut); + } else { + passwordLen = -1; } if (mUsername.mLen < 0) buf.Append('@'); @@ -1659,8 +1663,10 @@ nsStandardURL::SetUserPass(const nsACString &input) // update positions and lengths mUsername.mLen = usernameLen; mPassword.mLen = passwordLen; - if (passwordLen) + if (passwordLen > 0) { mPassword.mPos = mUsername.mPos + mUsername.mLen + 1; + } + return NS_OK; } diff --git a/netwerk/test/unit/test_URIs.js b/netwerk/test/unit/test_URIs.js index 5bc7fe432..1cad7768f 100644 --- a/netwerk/test/unit/test_URIs.js +++ b/netwerk/test/unit/test_URIs.js @@ -109,7 +109,7 @@ var gTests = [ nsIURL: true, nsINestedURI: false }, { spec: "ftp://foo:@ftp.mozilla.org:100/pub/mozilla.org/README", scheme: "ftp", - prePath: "ftp://foo:@ftp.mozilla.org:100", + prePath: "ftp://foo@ftp.mozilla.org:100", port: 100, username: "foo", password: "", diff --git a/netwerk/test/unit/test_standardurl.js b/netwerk/test/unit/test_standardurl.js index c2b4dd365..4cc2f393e 100644 --- a/netwerk/test/unit/test_standardurl.js +++ b/netwerk/test/unit/test_standardurl.js @@ -472,3 +472,23 @@ add_test(function test_invalidHostChars() { // hostname separators, so there is no way to set them and fail. run_next_test(); }); + +add_test(function test_emptyPassword() { + var url = stringToURL("http://a:@example.com"); + do_check_eq(url.spec, "http://a@example.com/"); + url.password = "pp"; + do_check_eq(url.spec, "http://a:pp@example.com/"); + url.password = ""; + do_check_eq(url.spec, "http://a@example.com/"); + url.userPass = "xxx:"; + do_check_eq(url.spec, "http://xxx@example.com/"); + url.password = "zzzz"; + do_check_eq(url.spec, "http://xxx:zzzz@example.com/"); + url.userPass = "xxxxx:yyyyyy"; + do_check_eq(url.spec, "http://xxxxx:yyyyyy@example.com/"); + url.userPass = "z:"; + do_check_eq(url.spec, "http://z@example.com/"); + url.password = "ppppppppppp"; + do_check_eq(url.spec, "http://z:ppppppppppp@example.com/"); + run_next_test(); +}); |