unofficial mirror of bug-gnu-emacs@gnu.org 
 help / color / mirror / code / Atom feed
* bug#1401: 23.0.60; url-cookie-handle-set-cookie doesnt check for trusted urls
@ 2008-11-21 15:23 Karol Hosiawa
  2008-12-02  8:26 ` Glenn Morris
  0 siblings, 1 reply; 16+ messages in thread
From: Karol Hosiawa @ 2008-11-21 15:23 UTC (permalink / raw)
  To: emacs-pretest-bug

The function url-cookie-handle-set-cookie in url-cookie.el
doesn't check if url-cookie-trusted-urls is set. It does some
preliminary checks but doesn't apply this info in the end.

Proposed patch:

change line 418 of url-cookie.el from:

((url-cookie-host-can-set-p (url-host url-current-object) domain)

to

((or trusted
  (url-cookie-host-can-set-p (url-host url-current-object) domain)



In GNU Emacs 23.0.60.1 (i686-pc-linux-gnu, GTK+ Version 2.12.9)
 of 2008-07-28 on gentoo
Windowing system distributor `The X.Org Foundation', version 11.0.10300000
configured using `configure  '--prefix=/usr'
'--host=i686-pc-linux-gnu' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc'
'--localstatedir=/var/lib' '--program-suffix=-emacs-23'
'--infodir=/usr/share/info/emacs-23' '--without-carbon' '--with-sound'
'--with-x' '--with-toolkit-scroll-bars' '--with-gif' '--with-jpeg'
'--with-png' '--without-rsvg' '--with-tiff' '--with-xpm'
'--enable-font-backend' '--with-freetype' '--with-xft'
'--without-libotf' '--without-m17n-flt' '--with-x-toolkit=gtk'
'--without-hesiod' '--without-kerberos' '--without-kerberos5'
'--with-gpm' '--with-dbus' '--build=i686-pc-linux-gnu'
'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu'
'CFLAGS=-O2 -march=i686 -pipe' 'LDFLAGS=-Wl,-O1''

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_US.UTF8
  value of $XMODIFIERS: nil
  locale-coding-system: utf-8-unix
  default-enable-multibyte-characters: t

Major mode: Emacs-Lisp

Minor modes in effect:
  erc-list-mode: t
  erc-menu-mode: t
  erc-autojoin-mode: t
  erc-ring-mode: t
  erc-networks-mode: t
  erc-pcomplete-mode: t
  erc-track-mode: t
  erc-track-minor-mode: t
  erc-match-mode: t
  erc-button-mode: t
  erc-fill-mode: t
  erc-stamp-mode: t
  erc-netsplit-mode: t
  erc-irccontrols-mode: t
  erc-noncommands-mode: t
  erc-move-to-prompt-mode: t
  erc-readonly-mode: t
  shell-dirtrack-mode: t
  cua-mode: t
  show-paren-mode: t
  diff-auto-refine-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  global-auto-composition-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent input:
C-k C-l C-l C-l C-l C-o C-n C-o C-n C-h c r <backspace>
e C-/ C-/ h v e r c - C-/ C-h f C-g C-h v e r c - p
a <tab> s s <tab> <return> <help-echo> C-x 1 C-o C-n
C-l C-l C-l C-l C-o C-n C-o C-n <down-mouse-5> <mouse-5>
<double-down-mouse-5> <double-mouse-5> <triple-down-mouse-5>
<triple-mouse-5> <triple-down-mouse-5> <triple-mouse-5>
<triple-down-mouse-5> <triple-mouse-5> <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4>
<triple-mouse-4> C-o C-n C-l C-o C-n C-o C-p <help-echo>
C-o C-n C-o C-p <help-echo> C-o C-n C-x C-f / m n <return>
<return> w h i C-s C-s C-s <return> p u <return> s
t <return> g e <return> M-g M-g 7 5 3 <return> C-n
C-n C-k C-k C-x C-s C-o C-p C-p C-p C-p C-n C-n C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n
C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n
C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n C-n <down-mouse-4>
<mouse-4> <double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4>
<triple-mouse-4> <down-mouse-4> <mouse-4> <double-down-mouse-4>
<double-mouse-4> <down-mouse-5> <mouse-5> <double-down-mouse-5>
<double-mouse-5> <triple-down-mouse-5> <triple-mouse-5>
<triple-down-mouse-5> <triple-mouse-5> <triple-down-mouse-5>
<triple-mouse-5> <down-mouse-1> <mouse-movement> <mouse-1>
<help-echo> <down-mouse-1> <mouse-1> <help-echo> M-x
r e p o <tab> r <tab> <return> C-x 3 C-g C-x 3 C-x
b c o o <backspace> <backspace> <backspace> C-g C-x
C-f / u s <return> <return> <return> <return> <return>
u r <return> c o o <return> C-v C-v C-v C-v C-v C-v
C-v C-n C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p C-p
C-p C-p C-p C-p C-p C-p C-p C-p C-p C-n M-x r e p o
<tab> r t <tab> <return>

Recent messages:
Loading vc-svn...done
Mark set
Wrote /mnt/dev/jacuzzi_whitelabel/public/stylesheets/general.css
byte-code: End of buffer
Making completion list...
split-window-horizontally: Attempt to split minibuffer window
Quit [3 times]
uncompressing url-cookie.el.gz...done
Note: file is write protected
Making completion list...






^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2012-04-10  1:53 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-11-21 15:23 bug#1401: 23.0.60; url-cookie-handle-set-cookie doesnt check for trusted urls Karol Hosiawa
2008-12-02  8:26 ` Glenn Morris
2008-12-02 17:03   ` Karol Hosiawa
2008-12-02 19:12     ` Glenn Morris
2008-12-02 20:44       ` Karol Hosiawa
2008-12-02 20:56         ` Glenn Morris
2011-09-11 18:16           ` Lars Magne Ingebrigtsen
2011-09-12 17:52             ` Glenn Morris
2011-09-13 19:38               ` Lars Magne Ingebrigtsen
2011-09-13 21:20                 ` Glenn Morris
2011-09-13 21:22                   ` Lars Magne Ingebrigtsen
2011-09-13 21:33                     ` Glenn Morris
2011-09-15  0:33                       ` Lars Magne Ingebrigtsen
2011-09-15  1:24                         ` Stefan Monnier
2011-09-15  5:42                           ` Lars Magne Ingebrigtsen
2012-04-10  1:53                             ` Lars Magne Ingebrigtsen

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).