From 2adf288a824642402629b806a34dd6fc91cb1851 Mon Sep 17 00:00:00 2001
From: "jochen@chromium.org"
 <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Mon, 27 Sep 2010 08:30:37 +0000
Subject: Immediately reject empty cookie headers.

BUG=54785
TEST=DoNotSaveEmptyCookies

Review URL: http://codereview.chromium.org/3453021

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60621 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/url_request/url_request_http_job.cc |  6 ++++--
 net/url_request/url_request_unittest.cc | 20 ++++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)

(limited to 'net/url_request')

diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index 11df1d0..a3e88ab 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -793,8 +793,10 @@ void URLRequestHttpJob::FetchResponseCookies(
   std::string value;
 
   void* iter = NULL;
-  while (response_info->headers->EnumerateHeader(&iter, name, &value))
-    cookies->push_back(value);
+  while (response_info->headers->EnumerateHeader(&iter, name, &value)) {
+    if (!value.empty())
+      cookies->push_back(value);
+  }
 }
 
 class HTTPSProberDelegate : public net::HTTPSProberDelegate {
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index c8eaad4..9070ef1 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -1560,6 +1560,26 @@ TEST_F(URLRequestTest, DoNotSaveCookies_ViaPolicy) {
   }
 }
 
+TEST_F(URLRequestTest, DoNotSaveEmptyCookies) {
+  net::TestServer test_server(net::TestServer::TYPE_HTTP, FilePath());
+  ASSERT_TRUE(test_server.Start());
+
+  scoped_refptr<TestURLRequestContext> context = new TestURLRequestContext();
+
+  // Set up an empty cookie.
+  {
+    TestDelegate d;
+    URLRequest req(test_server.GetURL("set-cookie"), &d);
+    req.set_context(context);
+    req.Start();
+    MessageLoop::current()->Run();
+
+    EXPECT_EQ(0, d.blocked_get_cookies_count());
+    EXPECT_EQ(0, d.blocked_set_cookie_count());
+    EXPECT_EQ(0, d.set_cookie_count());
+  }
+}
+
 TEST_F(URLRequestTest, DoNotSendCookies_ViaPolicy_Async) {
   net::TestServer test_server(net::TestServer::TYPE_HTTP, FilePath());
   ASSERT_TRUE(test_server.Start());
-- 
cgit v1.1