From aa1909edf7a9e841bb6adf63235eb80a236d85f1 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Mon, 14 Nov 2022 18:58:35 +0100 Subject: [PATCH] MEDIUM: http-ana: remove set-cookie2 support This has never really been implemented in clients nor servers. We wanted to drop it from 2.5 already but forgot, so let's do it now. The code was only minimally changed. It could possibly be slightly simplified but it would only be marginal, at the great risk of breaking something, thus let's keep it in its proven state instead. Tracked in github issue #1551. --- src/http_ana.c | 27 ++++++++------------------- 1 file changed, 8 insertions(+), 19 deletions(-) diff --git a/src/http_ana.c b/src/http_ana.c index d667f1443..188cb7307 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -3540,20 +3540,13 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re struct server *srv; char *hdr_beg, *hdr_end; char *prev, *att_beg, *att_end, *equal, *val_beg, *val_end, *next; - int is_cookie2 = 0; htx = htxbuf(&res->buf); ctx.blk = NULL; - while (1) { + while (http_find_header(htx, ist("Set-Cookie"), &ctx, 1)) { int is_first = 1; - if (is_cookie2 || !http_find_header(htx, ist("Set-Cookie"), &ctx, 1)) { - if (!http_find_header(htx, ist("Set-Cookie2"), &ctx, 1)) - break; - is_cookie2 = 1; - } - /* OK, right now we know we have a Set-Cookie* at hdr_beg, and * points to the colon. */ @@ -3575,7 +3568,7 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re * with a comma inside. We have to live with this because * many browsers don't support Max-Age and some browsers don't * support quoted strings. However the Set-Cookie2 header is - * clean. + * clean but basically nobody supports it. * * We have to keep multiple pointers in order to support cookie * removal at the beginning, middle or end of header without @@ -3624,7 +3617,7 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re equal = att_end = att_beg; while (equal < hdr_end) { - if (*equal == '=' || *equal == ';' || (is_cookie2 && *equal == ',')) + if (*equal == '=' || *equal == ';') break; if (HTTP_IS_SPHT(*equal++)) continue; @@ -3656,15 +3649,10 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re } if (next < hdr_end) { - /* Set-Cookie2 supports multiple cookies, and points to - * a colon or semi-colon before the end. So skip all attr-value - * pairs and look for the next comma. For Set-Cookie, since - * commas are permitted in values, skip to the end. + /* For Set-Cookie, since commas are permitted + * in values, skip to the end. */ - if (is_cookie2) - next = http_find_hdr_value_end(next, hdr_end); - else - next = hdr_end; + next = hdr_end; } /* Now everything is as on the diagram above */ @@ -3803,7 +3791,8 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re } } /* that's done for this cookie, check the next one on the same - * line when next != hdr_end (only if is_cookie2). + * line when next != hdr_end (which should normally not happen + * with set-cookie2 support removed). */ } }