Fixed: Curl Fallback should ignore invalid cookies.

2024-11-04 10:02:40 +01:00 · 2015-12-24 19:30:16 +01:00 · 2015-12-24 19:30:16 +01:00 · 7e1c444c02
commit 7e1c444c02
parent dc3f7c9bda
2 changed files with 35 additions and 1 deletions
--- a/src/NzbDrone.Common.Test/Http/HttpClientFixture.cs
+++ b/src/NzbDrone.Common.Test/Http/HttpClientFixture.cs
@ -349,6 +349,33 @@ public void should_parse_malformed_cloudflare_cookie(string culture)
                Thread.CurrentThread.CurrentUICulture = origCulture;
            }
        }
+
+        [TestCase("lang_code=en; expires=Fri, 23-Dec-2016 18:09:14 GMT; Max-Age=31536000; path=/; domain=.abc.com")]
+        public void should_reject_malformed_domain_cookie(string malformedCookie)
+        {
+            try
+            {
+                // the date is bad in the below - should be 13-Jul-2016
+                string url = "http://eu.httpbin.org/response-headers?Set-Cookie=" + Uri.EscapeUriString(malformedCookie);
+
+                var requestSet = new HttpRequest(url);
+                requestSet.AllowAutoRedirect = false;
+                requestSet.StoreResponseCookie = true;
+
+                var responseSet = Subject.Get(requestSet);
+
+                var request = new HttpRequest("http://eu.httpbin.org/get");
+
+                var response = Subject.Get<HttpBinResource>(request);
+
+                response.Resource.Headers.Should().NotContainKey("Cookie");
+
+                ExceptionVerification.IgnoreErrors();
+            }
+            finally
+            {
+            }
+        }
    }

    public class HttpBinResource
--- a/src/NzbDrone.Common/Http/Dispatchers/CurlHttpDispatcher.cs
+++ b/src/NzbDrone.Common/Http/Dispatchers/CurlHttpDispatcher.cs
@ -165,7 +165,14 @@ private WebHeaderCollection ProcessHeaderStream(HttpRequest request, CookieConta
            var setCookie = webHeaderCollection.Get("Set-Cookie");
            if (setCookie != null && setCookie.Length > 0 && cookies != null)
            {
-                cookies.SetCookies(request.Url, FixSetCookieHeader(setCookie));
+                try
+                {
+                    cookies.SetCookies(request.Url, FixSetCookieHeader(setCookie));
+                }
+                catch (CookieException ex)
+                {
+                    _logger.Debug("Rejected cookie {0}: {1}", ex.InnerException.Message, setCookie);
+                }
            }

            return webHeaderCollection;