www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-09-11 09:30:48 +03:00
Code Activity

mod_lua: escape key/value pairs when setting cookies to prevent header splitting with tainted cookies.

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1582253 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Daniel Gruno
2014-03-27 10:58:35 +00:00
parent 8ad00113ae
commit 2514105ae4
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/lua/lua_request.c
View File

@@ -2057,6 +2057,10 @@ static int lua_set_cookie(lua_State *L)
strdomain = apr_psprintf(r->pool, "Domain=%s;", domain); strdomain = apr_psprintf(r->pool, "Domain=%s;", domain);
} }
/* URL-encode key/value */
value = ap_escape_urlencoded(r->pool, value);
key = ap_escape_urlencoded(r->pool, key);
/* Create the header */ /* Create the header */
out = apr_psprintf(r->pool, "%s=%s; %s %s %s %s %s", key, value, out = apr_psprintf(r->pool, "%s=%s; %s %s %s %s %s", key, value,
secure ? "Secure;" : "", secure ? "Secure;" : "",