Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cookie解析有误 #175

Open
18309225600 opened this issue Aug 12, 2020 · 2 comments
Open

cookie解析有误 #175

18309225600 opened this issue Aug 12, 2020 · 2 comments

Comments

@18309225600
Copy link

18309225600 commented Aug 12, 2020
edited 

/**
   * Take any client cookies that were originally from the proxy and prepare them to send to the
   * proxy.  This relies on cookie headers being set correctly according to RFC 6265 Sec 5.4.
   * This also blocks any local cookies from being sent to the proxy.
   */
  protected String getRealCookie(String cookieValue) {
    StringBuilder escapedCookie = new StringBuilder();
    String cookies[] = cookieValue.split("[;,]");
    for (String cookie : cookies) {
      String cookieSplit[] = cookie.split("=");
      if (cookieSplit.length == 2) {
        String cookieName = cookieSplit[0].trim();
        if (cookieName.startsWith(getCookieNamePrefix(cookieName))) {
          cookieName = cookieName.substring(getCookieNamePrefix(cookieName).length());
          if (escapedCookie.length() > 0) {
            escapedCookie.append("; ");
          }
          escapedCookie.append(cookieName).append("=").append(cookieSplit[1].trim());
        }
      }
    }
    return escapedCookie.toString();
  }

这个方法中String cookieSplit[] = cookie.split("="); 这一行,使用“=”分割是不健壮的,如果cookie的value中正好含有“=”,那么就会出错,例如我在访问某个交换机的http网站服务时,有个cookie是这样的:index==0b=06=0AB00=0R

建议找到第一个“=”然后使用substring截取,以下是我重写后的:

@Override
    protected String getRealCookie(String cookieValue) {
        StringBuilder escapedCookie = new StringBuilder();
        String cookies[] = cookieValue.split("[;,]");
        for (String cookie : cookies) {
            int index = cookie.indexOf("=");
            if (index>0){
                String cookieName = cookie.substring(0,index).trim();
                if (escapedCookie.length() > 0) {
                    escapedCookie.append("; ");
                }
                escapedCookie.append(cookieName).append("=").append(cookie.substring(index+1).trim());
            }
        }
        return escapedCookie.toString();
    }
@dsmiley
Copy link
Collaborator

dsmiley commented Sep 22, 2020

I'm sorry, but I do not read Chinese :-/

@18309225600
Copy link
Author

18309225600 commented Sep 22, 2020 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dsmiley @18309225600