infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #3497, comma-separated get_cookies

bug/bundler_fix
William Vu 2014-07-08 11:00:40 -05:00
parent e5b5439e47 14b1ed5290
commit 4eeab66ebe
No known key found for this signature in database
GPG Key ID: E761DCB4C1629024
2 changed files with 29 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/rex/proto/http/response.rb
View File

@ -67,7 +67,7 @@ class Response < Packet
cookies = ""
if (self.headers.include?('Set-Cookie'))
set_cookies = self.headers['Set-Cookie']
key_vals = set_cookies.scan(/\s?([^, ;]+?)=([^, ;]*?);/)
key_vals = set_cookies.scan(/\s?([^, ;]+?)=([^, ;]*?)[;,]/)
key_vals.each do |k, v|
# Dont downcase actual cookie name as may be case sensitive
name = k.downcase

28
spec/lib/rex/proto/http/response_spec.rb
View File

@ -116,6 +116,22 @@ describe Rex::Proto::Http::Response do
HEREDOC
end
def get_cookies_comma_separated
<<-HEREDOC.gsub(/^ {6}/, '')
HTTP/1.1 200 OK
Expires: Thu, 26 Oct 1978 00:00:00 GMT
Content-Length: 8556
Server: CherryPy/3.1.2
Date: Sun, 06 Jul 2014 20:09:28 GMT
Cache-Control: no-store, max-age=0, no-cache, must-revalidate
Content-Type: text/html;charset=utf-8
Set-Cookie: cval=880350187, session_id_8000=83466b1a1a7a27ce13d35f78155d40ca3a1e7a28; expires=Mon, 07 Jul 2014 20:09:28 GMT; httponly; Path=/, uid=348637C4-9B10-485A-BFA9-5E892432FCFD; expires=Fri, 05-Jul-2019 20:09:28 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:s="http://www.splunk.com/xhtml-extensions/1.0" xml:lang="en" lang="en" class="no-js lt-ie9 lt-ie8 lt-
HEREDOC
end
def cookie_sanity_check(meth)
resp = described_class.new()
resp.parse(self.send meth)
@ -185,6 +201,18 @@ describe Rex::Proto::Http::Response do
cookies_array.should include(*expected_cookies)
end
it 'parses comma separated cookies' do
cookies_array = cookie_sanity_check(:get_cookies_comma_separated)
cookies_array.count.should eq(3)
expected_cookies = %w{
cval=880350187
session_id_8000=83466b1a1a7a27ce13d35f78155d40ca3a1e7a28
uid=348637C4-9B10-485A-BFA9-5E892432FCFD
}
expected_cookies.shuffle!
cookies_array.should include(*expected_cookies)
end
end
end