inets http cookie parsing bug

Maas-Maarten Zeeman <>
Fri Jan 28 15:34:04 CET 2011


Hello,

Yesterday I discovered a cookie parsing bug in inets http client.

1> inets:start().
ok
2> http:set_options([{cookies, enabled}]).
ok
3> http:request("http://zotonic.com").
{error,{function_clause,[{string,substr,
                                 [" 01 Jul 2012 11:48:43 GMT",1,-1]},
                         {httpc_cookie,parse_set_cookie,3},
                         {lists,map,2},
                         {httpc_cookie,parse_set_cookies,2},
                         {httpc_cookie,cookies,3},
                         {httpc_handler,handle_cookies,4},
                         {httpc_handler,handle_response,1},
                         {httpc_handler,handle_info,2}]}}
...
...

When it parses a cookie header like this:

Set-Cookie:
z_sid=r5tOZ6GQlWtb68XEoo4m; Version=1; Path=/; HttpOnly,  
z_pid=49Rr3y6VeuMs407m2KUM; Version=1; Expires=Sun, 01 Jul 2012  
11:59:21 GMT; Max-Age=44928000; Path=/; HttpOnly

This cookie header is split in the wrong location. During parsing this  
string is first split on the "," character. But when a cookie contains  
an expires attribute with a date string, that split will be in the  
wrong location, because the date format contains a comma.

The bug appears in all R13 and R14 releases.


Kind regards,

Maas-Maarten Zeeman





More information about the erlang-bugs mailing list