From: "Karol Hosiawa" <hosiawak@gmail.com>
To: emacs-pretest-bug@gnu.org
Subject: bug#1401: 23.0.60; url-cookie-handle-set-cookie doesnt check for trusted urls
Date: Fri, 21 Nov 2008 15:23:37 +0000 [thread overview]
Message-ID: <577ed7ae0811210723s786a74c1l5f4292e653f04af1@mail.gmail.com> (raw)
The function url-cookie-handle-set-cookie in url-cookie.el
doesn't check if url-cookie-trusted-urls is set. It does some
preliminary checks but doesn't apply this info in the end.
Proposed patch:
change line 418 of url-cookie.el from:
((url-cookie-host-can-set-p (url-host url-current-object) domain)
to
((or trusted
(url-cookie-host-can-set-p (url-host url-current-object) domain)
In GNU Emacs 23.0.60.1 (i686-pc-linux-gnu, GTK+ Version 2.12.9)
of 2008-07-28 on gentoo
Windowing system distributor `The X.Org Foundation', version 11.0.10300000
configured using `configure '--prefix=/usr'
'--host=i686-pc-linux-gnu' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc'
'--localstatedir=/var/lib' '--program-suffix=-emacs-23'
'--infodir=/usr/share/info/emacs-23' '--without-carbon' '--with-sound'
'--with-x' '--with-toolkit-scroll-bars' '--with-gif' '--with-jpeg'
'--with-png' '--without-rsvg' '--with-tiff' '--with-xpm'
'--enable-font-backend' '--with-freetype' '--with-xft'
'--without-libotf' '--without-m17n-flt' '--with-x-toolkit=gtk'
'--without-hesiod' '--without-kerberos' '--without-kerberos5'
'--with-gpm' '--with-dbus' '--build=i686-pc-linux-gnu'
'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu'
'CFLAGS=-O2 -march=i686 -pipe' 'LDFLAGS=-Wl,-O1''
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: nil
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: en_US.UTF8
value of $XMODIFIERS: nil
locale-coding-system: utf-8-unix
default-enable-multibyte-characters: t
Major mode: Emacs-Lisp
Minor modes in effect:
erc-list-mode: t
erc-menu-mode: t
erc-autojoin-mode: t
erc-ring-mode: t
erc-networks-mode: t
erc-pcomplete-mode: t
erc-track-mode: t
erc-track-minor-mode: t
erc-match-mode: t
erc-button-mode: t
erc-fill-mode: t
erc-stamp-mode: t
erc-netsplit-mode: t
erc-irccontrols-mode: t
erc-noncommands-mode: t
erc-move-to-prompt-mode: t
erc-readonly-mode: t
shell-dirtrack-mode: t
cua-mode: t
show-paren-mode: t
diff-auto-refine-mode: t
tooltip-mode: t
mouse-wheel-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
global-auto-composition-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
line-number-mode: t
transient-mark-mode: t
Recent input:
C-k C-l C-l C-l C-l C-o C-n C-o C-n C-h c r <backspace>
e C-/ C-/ h v e r c - C-/ C-h f C-g C-h v e r c - p
a <tab> s s <tab> <return> <help-echo> C-x 1 C-o C-n
C-l C-l C-l C-l C-o C-n C-o C-n <down-mouse-5> <mouse-5>
<double-down-mouse-5> <double-mouse-5> <triple-down-mouse-5>
<triple-mouse-5> <triple-down-mouse-5> <triple-mouse-5>
<triple-down-mouse-5> <triple-mouse-5> <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4>
<triple-mouse-4> C-o C-n C-l C-o C-n C-o C-p <help-echo>
C-o C-n C-o C-p <help-echo> C-o C-n C-x C-f / m n <return>
<return> w h i C-s C-s C-s <return> p u <return> s
t <return> g e <return> M-g M-g 7 5 3 <return> C-n
C-n C-k C-k C-x C-s C-o C-p C-p C-p C-p C-n C-n C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n
C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n
C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4>
<triple-mouse-4> <down-mouse-4> <mouse-4> <double-down-mouse-4>
<double-mouse-4> <down-mouse-5> <mouse-5> <double-down-mouse-5>
<double-mouse-5> <triple-down-mouse-5> <triple-mouse-5>
<triple-down-mouse-5> <triple-mouse-5> <triple-down-mouse-5>
<triple-mouse-5> <down-mouse-1> <mouse-movement> <mouse-1>
<help-echo> <down-mouse-1> <mouse-1> <help-echo> M-x
r e p o <tab> r <tab> <return> C-x 3 C-g C-x 3 C-x
b c o o <backspace> <backspace> <backspace> C-g C-x
C-f / u s <return> <return> <return> <return> <return>
u r <return> c o o <return> C-v C-v C-v C-v C-v C-v
C-v C-n C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-n M-x r e p o
<tab> r t <tab> <return>
Recent messages:
Loading vc-svn...done
Mark set
Wrote /mnt/dev/jacuzzi_whitelabel/public/stylesheets/general.css
byte-code: End of buffer
Making completion list...
split-window-horizontally: Attempt to split minibuffer window
Quit [3 times]
uncompressing url-cookie.el.gz...done
Note: file is write protected
Making completion list...
next reply other threads:[~2008-11-21 15:23 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-21 15:23 Karol Hosiawa [this message]
2008-12-02 8:26 ` bug#1401: 23.0.60; url-cookie-handle-set-cookie doesnt check for trusted urls Glenn Morris
2008-12-02 17:03 ` Karol Hosiawa
2008-12-02 19:12 ` Glenn Morris
2008-12-02 20:44 ` Karol Hosiawa
2008-12-02 20:56 ` Glenn Morris
2011-09-11 18:16 ` Lars Magne Ingebrigtsen
2011-09-12 17:52 ` Glenn Morris
2011-09-13 19:38 ` Lars Magne Ingebrigtsen
2011-09-13 21:20 ` Glenn Morris
2011-09-13 21:22 ` Lars Magne Ingebrigtsen
2011-09-13 21:33 ` Glenn Morris
2011-09-15 0:33 ` Lars Magne Ingebrigtsen
2011-09-15 1:24 ` Stefan Monnier
2011-09-15 5:42 ` Lars Magne Ingebrigtsen
2012-04-10 1:53 ` Lars Magne Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=577ed7ae0811210723s786a74c1l5f4292e653f04af1@mail.gmail.com \
--to=hosiawak@gmail.com \
--cc=1401@emacsbugs.donarmstrong.com \
--cc=emacs-pretest-bug@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).