use publicsuffix

open-telemetry · Jun 7, 2024 · a5b40be · a5b40be
1 parent b87c29a
commit a5b40be
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 2 deletions.
diff --git a/config/confighttp/README.md b/config/confighttp/README.md
@@ -36,6 +36,9 @@ README](../configtls/README.md).
 - [`http2_ping_timeout`](https://pkg.go.dev/golang.org/x/net/http2#Transport)
 - [`cookies`](https://pkg.go.dev/net/http#CookieJar)
   - [`enabled`] if enabled, the client will store cookies from server responses and reuse them in subsequent requests.
+  - [`insecure`] if true, the client accepts setting cookies for any domain. This is useful for testing but is insecure:
+    it means that the HTTP server for foo.co.uk can set a cookie for bar.co.uk.
+    If false, the client will allow setting cookies based on the list provided by https://publicsuffix.org/
 
 Example:
 

diff --git a/config/confighttp/confighttp.go b/config/confighttp/confighttp.go
@@ -19,6 +19,7 @@ import (
 	"go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp"
 	"go.opentelemetry.io/otel"
 	"golang.org/x/net/http2"
+	"golang.org/x/net/publicsuffix"
 
 	"go.opentelemetry.io/collector/component"
 	"go.opentelemetry.io/collector/config/configauth"
@@ -112,6 +113,10 @@ type ClientConfig struct {
 type CookiesConfig struct {
 	// Enabled if true, cookies from HTTP responses will be reused in further HTTP requests with the same server.
 	Enabled bool `mapstructure:"enabled"`
+	// Insecure if true, the client accepts setting cookies for any domain. This is useful for testing but is insecure:
+	// it means that the HTTP server for foo.co.uk can set a cookie for bar.co.uk.
+	// If false, the client will allow setting cookies based on the list provided by https://publicsuffix.org/
+	Insecure bool `mapstructure:"insecure"`
 }
 
 // NewDefaultClientConfig returns ClientConfig type object with
@@ -242,7 +247,12 @@ func (hcs *ClientConfig) ToClient(ctx context.Context, host component.Host, sett
 
 	var jar http.CookieJar
 	if hcs.Cookies != nil && hcs.Cookies.Enabled {
-		jar, err = cookiejar.New(nil)
+		opts := &cookiejar.Options{}
+		if !hcs.Cookies.Insecure {
+			opts.PublicSuffixList = publicsuffix.List
+		}
+
+		jar, err = cookiejar.New(opts)
 		if err != nil {
 			return nil, err
 		}

diff --git a/config/confighttp/confighttp_test.go b/config/confighttp/confighttp_test.go
@@ -83,7 +83,7 @@ func TestAllHTTPClientSettings(t *testing.T) {
 				IdleConnTimeout:      &idleConnTimeout,
 				Compression:          "",
 				DisableKeepAlives:    true,
-				Cookies:              &CookiesConfig{Enabled: true},
+				Cookies:              &CookiesConfig{Enabled: true, Insecure: true},
 				HTTP2ReadIdleTimeout: idleConnTimeout,
 				HTTP2PingTimeout:     http2PingTimeout,
 			},