RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-14 09:24:57 +00:00
Code Issues Activity Actions

LibWeb: Fail to parse cookie date when date does not exist

Browse source 
Previously, the cookie date validation did not validate days in the
context of the month and year, resulting in dates that do not exist to
be successfully parsed (e.g. February 31st). We now validate that the
day does not exceed the number of days for the given month and year,
taking leap years into account.
This commit is contained in:
Daniel La Rocque 2024-01-05 09:56:14 -05:00 committed by Tim Flynn
parent 9b7b97b2f6
commit 242d1d8eba
2 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Base/res/html/misc/cookie.html
View file

@ -22,6 +22,8 @@
<label for=invalid5>The cookie is too large</label>
<br /><input id=invalid6 type=button onclick="setCookie(this.value)" value="cookie11=value11; domain=uk.gov" />
<label for=invalid6>The cookie's domain is on the Public Suffix List</label>
<br /><input id=invalid7 type=button onclick="setCookie(this.value)" value="cookie12=value12; expires=Sat, 31 Feb 2060 08:10:36 GMT" />
<label for=invalid4>The cookie has a date that does not exist</label>
<br />
<h3>Unretrievable cookies (the browser should accept these but not display them):</h3>