diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-15 08:09:17 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-15 08:09:17 +0200 |
commit | a54132e028bde7dc034d2be55891c3e3e04b7366 (patch) | |
tree | b7e48dbe0baaae42a3a059343fcb277424c482ba /netwerk | |
parent | 5ce88ec8ad49dae733f771495c052918e9ca66fe (diff) | |
download | uxp-a54132e028bde7dc034d2be55891c3e3e04b7366.tar.gz |
moebius#131: URL parser - stop preserving empty passwords
https://github.com/MoonchildProductions/moebius/issues/131
Diffstat (limited to 'netwerk')
-rw-r--r-- | netwerk/base/nsStandardURL.cpp | 12 | ||||
-rw-r--r-- | netwerk/test/unit/test_URIs.js | 2 | ||||
-rw-r--r-- | netwerk/test/unit/test_standardurl.js | 20 |
3 files changed, 30 insertions, 4 deletions
diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp index 983e938caf..21c4cf7fdc 100644 --- a/netwerk/base/nsStandardURL.cpp +++ b/netwerk/base/nsStandardURL.cpp @@ -781,11 +781,13 @@ nsStandardURL::BuildNormalizedSpec(const char *spec) i = AppendSegmentToBuf(buf, i, spec, username, mUsername, &encUsername, useEncUsername, &diff); ShiftFromPassword(diff); - if (password.mLen >= 0) { + if (password.mLen > 0) { buf[i++] = ':'; i = AppendSegmentToBuf(buf, i, spec, password, mPassword, &encPassword, useEncPassword, &diff); ShiftFromHost(diff); + } else { + mPassword.mLen = -1; } buf[i++] = '@'; } @@ -1621,7 +1623,7 @@ nsStandardURL::SetUserPass(const nsACString &input) usernameLen), esc_Username | esc_AlwaysCopy, buf, ignoredOut); - if (passwordLen >= 0) { + if (passwordLen > 0) { buf.Append(':'); passwordLen = encoder.EncodeSegmentCount(userpass.get(), URLSegment(passwordPos, @@ -1629,6 +1631,8 @@ nsStandardURL::SetUserPass(const nsACString &input) esc_Password | esc_AlwaysCopy, buf, ignoredOut); + } else { + passwordLen = -1; } if (mUsername.mLen < 0) buf.Append('@'); @@ -1659,8 +1663,10 @@ nsStandardURL::SetUserPass(const nsACString &input) // update positions and lengths mUsername.mLen = usernameLen; mPassword.mLen = passwordLen; - if (passwordLen) + if (passwordLen > 0) { mPassword.mPos = mUsername.mPos + mUsername.mLen + 1; + } + return NS_OK; } diff --git a/netwerk/test/unit/test_URIs.js b/netwerk/test/unit/test_URIs.js index 5bc7fe432d..1cad7768f7 100644 --- a/netwerk/test/unit/test_URIs.js +++ b/netwerk/test/unit/test_URIs.js @@ -109,7 +109,7 @@ var gTests = [ nsIURL: true, nsINestedURI: false }, { spec: "ftp://foo:@ftp.mozilla.org:100/pub/mozilla.org/README", scheme: "ftp", - prePath: "ftp://foo:@ftp.mozilla.org:100", + prePath: "ftp://foo@ftp.mozilla.org:100", port: 100, username: "foo", password: "", diff --git a/netwerk/test/unit/test_standardurl.js b/netwerk/test/unit/test_standardurl.js index a1a320721e..fa9ed6964a 100644 --- a/netwerk/test/unit/test_standardurl.js +++ b/netwerk/test/unit/test_standardurl.js @@ -461,3 +461,23 @@ add_test(function test_invalidHostChars() { // hostname separators, so there is no way to set them and fail. run_next_test(); }); + +add_test(function test_emptyPassword() { + var url = stringToURL("http://a:@example.com"); + do_check_eq(url.spec, "http://a@example.com/"); + url.password = "pp"; + do_check_eq(url.spec, "http://a:pp@example.com/"); + url.password = ""; + do_check_eq(url.spec, "http://a@example.com/"); + url.userPass = "xxx:"; + do_check_eq(url.spec, "http://xxx@example.com/"); + url.password = "zzzz"; + do_check_eq(url.spec, "http://xxx:zzzz@example.com/"); + url.userPass = "xxxxx:yyyyyy"; + do_check_eq(url.spec, "http://xxxxx:yyyyyy@example.com/"); + url.userPass = "z:"; + do_check_eq(url.spec, "http://z@example.com/"); + url.password = "ppppppppppp"; + do_check_eq(url.spec, "http://z:ppppppppppp@example.com/"); + run_next_test(); +}); |