summaryrefslogtreecommitdiff
path: root/netwerk
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-15 08:09:17 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-15 08:09:17 +0200
commita54132e028bde7dc034d2be55891c3e3e04b7366 (patch)
treeb7e48dbe0baaae42a3a059343fcb277424c482ba /netwerk
parent5ce88ec8ad49dae733f771495c052918e9ca66fe (diff)
downloaduxp-a54132e028bde7dc034d2be55891c3e3e04b7366.tar.gz
moebius#131: URL parser - stop preserving empty passwords
https://github.com/MoonchildProductions/moebius/issues/131
Diffstat (limited to 'netwerk')
-rw-r--r--netwerk/base/nsStandardURL.cpp12
-rw-r--r--netwerk/test/unit/test_URIs.js2
-rw-r--r--netwerk/test/unit/test_standardurl.js20
3 files changed, 30 insertions, 4 deletions
diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp
index 983e938caf..21c4cf7fdc 100644
--- a/netwerk/base/nsStandardURL.cpp
+++ b/netwerk/base/nsStandardURL.cpp
@@ -781,11 +781,13 @@ nsStandardURL::BuildNormalizedSpec(const char *spec)
i = AppendSegmentToBuf(buf, i, spec, username, mUsername,
&encUsername, useEncUsername, &diff);
ShiftFromPassword(diff);
- if (password.mLen >= 0) {
+ if (password.mLen > 0) {
buf[i++] = ':';
i = AppendSegmentToBuf(buf, i, spec, password, mPassword,
&encPassword, useEncPassword, &diff);
ShiftFromHost(diff);
+ } else {
+ mPassword.mLen = -1;
}
buf[i++] = '@';
}
@@ -1621,7 +1623,7 @@ nsStandardURL::SetUserPass(const nsACString &input)
usernameLen),
esc_Username | esc_AlwaysCopy,
buf, ignoredOut);
- if (passwordLen >= 0) {
+ if (passwordLen > 0) {
buf.Append(':');
passwordLen = encoder.EncodeSegmentCount(userpass.get(),
URLSegment(passwordPos,
@@ -1629,6 +1631,8 @@ nsStandardURL::SetUserPass(const nsACString &input)
esc_Password |
esc_AlwaysCopy, buf,
ignoredOut);
+ } else {
+ passwordLen = -1;
}
if (mUsername.mLen < 0)
buf.Append('@');
@@ -1659,8 +1663,10 @@ nsStandardURL::SetUserPass(const nsACString &input)
// update positions and lengths
mUsername.mLen = usernameLen;
mPassword.mLen = passwordLen;
- if (passwordLen)
+ if (passwordLen > 0) {
mPassword.mPos = mUsername.mPos + mUsername.mLen + 1;
+ }
+
return NS_OK;
}
diff --git a/netwerk/test/unit/test_URIs.js b/netwerk/test/unit/test_URIs.js
index 5bc7fe432d..1cad7768f7 100644
--- a/netwerk/test/unit/test_URIs.js
+++ b/netwerk/test/unit/test_URIs.js
@@ -109,7 +109,7 @@ var gTests = [
nsIURL: true, nsINestedURI: false },
{ spec: "ftp://foo:@ftp.mozilla.org:100/pub/mozilla.org/README",
scheme: "ftp",
- prePath: "ftp://foo:@ftp.mozilla.org:100",
+ prePath: "ftp://foo@ftp.mozilla.org:100",
port: 100,
username: "foo",
password: "",
diff --git a/netwerk/test/unit/test_standardurl.js b/netwerk/test/unit/test_standardurl.js
index a1a320721e..fa9ed6964a 100644
--- a/netwerk/test/unit/test_standardurl.js
+++ b/netwerk/test/unit/test_standardurl.js
@@ -461,3 +461,23 @@ add_test(function test_invalidHostChars() {
// hostname separators, so there is no way to set them and fail.
run_next_test();
});
+
+add_test(function test_emptyPassword() {
+ var url = stringToURL("http://a:@example.com");
+ do_check_eq(url.spec, "http://a@example.com/");
+ url.password = "pp";
+ do_check_eq(url.spec, "http://a:pp@example.com/");
+ url.password = "";
+ do_check_eq(url.spec, "http://a@example.com/");
+ url.userPass = "xxx:";
+ do_check_eq(url.spec, "http://xxx@example.com/");
+ url.password = "zzzz";
+ do_check_eq(url.spec, "http://xxx:zzzz@example.com/");
+ url.userPass = "xxxxx:yyyyyy";
+ do_check_eq(url.spec, "http://xxxxx:yyyyyy@example.com/");
+ url.userPass = "z:";
+ do_check_eq(url.spec, "http://z@example.com/");
+ url.password = "ppppppppppp";
+ do_check_eq(url.spec, "http://z:ppppppppppp@example.com/");
+ run_next_test();
+});