github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Additional adjustment to Cookie header parsing

Browse Source
This commit is contained in:
martinhsv
2019-11-20 13:39:17 -08:00
committed by Felipe Zimmerle
parent 6395fe07ce
commit ea7cacf289
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/transaction.cc
View File

@@ -552,9 +552,9 @@ int Transaction::addRequestHeader(const std::string& key,
std::vector<std::string> cookies = utils::string::ssplit(value, ';');
// Get rid of any optional whitespace after the cookie-string
// (i.e. after the end of the final cookie-pair)
if (!cookies.empty()) {
// Get rid of any optional whitespace after the cookie-string
// (i.e. after the end of the final cookie-pair)
std::string& final_cookie_pair = cookies.back();
while (!final_cookie_pair.empty() && isspace(final_cookie_pair.back())) {
final_cookie_pair.pop_back();
@@ -586,7 +586,7 @@ int Transaction::addRequestHeader(const std::string& key,
}
// ltrim the key - following the modsec v2 way
while (ckey.empty() == false && ckey.at(0) == ' ') {
while (ckey.empty() == false && isspace(ckey.at(0))) {
ckey.erase(0, 1);
localOffset++;
}