Skip to content
Browse files

Issue 5591 (Cookies having a path identical to the request-path won't

  • Loading branch information...
1 parent 79d92de commit 36d4d03474e4c4e1a7efaeeff7668927af1df345 @SebastianZ SebastianZ committed Jun 20, 2012
Showing with 15 additions and 9 deletions.
  1. +15 −9 extension/content/firebug/cookies/cookieObserver.js
View
24 extension/content/firebug/cookies/cookieObserver.js
@@ -122,22 +122,28 @@ var CookieObserver = Obj.extend(BaseObserver,
* @returns {Boolean} If the method returns true the host/path belongs
* to the activeUri.
*/
- isHostFromURI: function(activeUri, host, path)
+ isHostFromURI: function(activeUri, host, cookiePath)
{
var pathFilter = Options.get(filterByPath);
// Get directory path (without the file name)
- var activePath = activeUri.path.substr(0, (activeUri.path.lastIndexOf("/") || 1));
+ var queryStringPos = activeUri.path.lastIndexOf("?");
+ var activePath = queryStringPos != -1 ?
+ activeUri.path.substr(0, queryStringPos) : activeUri.path;
- // Append slash at the end of the active path, so it mach the cookie's path
- // in the case that it has slash at the end.
+ // Remove slash at the end of the active path according to step 4 of RFC 6265 section 5.1.4
var lastChar = activePath.charAt(activePath.length - 1);
- if (lastChar != "/")
- activePath += "/";
-
- // If the path filter is on, only cookies that match given path should be displayed.
- if (pathFilter && (activePath.indexOf(path) != 0))
+ if (lastChar == "/")
+ activePath = activePath.substr(0, activePath.length - 1);
+
+ // If the path filter is on, only cookies that match given path
+ // according to RFC 6265 section 5.1.4 will be displayed.
+ if (pathFilter && (activePath != cookiePath && !(Str.hasPrefix(activePath, cookiePath) &&
+ (cookiePath.charAt(cookiePath.length - 1) == "/" ||
+ activePath.substr(cookiePath.length, 1) == "/"))))
+ {
return false;
+ }
// The cookie must belong to given URI from this context,
// otherwise it won't be displayed in this tab.

0 comments on commit 36d4d03

Please sign in to comment.
Something went wrong with that request. Please try again.