Merge "Disallow top level domains in Cookie::validateCookieDomain()."
authorjenkins-bot <jenkins-bot@gerrit.wikimedia.org>
Tue, 29 Jul 2014 20:07:47 +0000 (20:07 +0000)
committerGerrit Code Review <gerrit@wikimedia.org>
Tue, 29 Jul 2014 20:07:47 +0000 (20:07 +0000)
includes/Cookie.php

index b8d34e2..8b5906a 100644 (file)
@@ -90,13 +90,15 @@ class Cookie {
         * @return bool
         */
        public static function validateCookieDomain( $domain, $originDomain = null ) {
-               // Don't allow a trailing dot
-               if ( substr( $domain, -1 ) == '.' ) {
+               $dc = explode( ".", $domain );
+
+               // Don't allow a trailing dot or addresses without a or just a leading dot
+               if ( substr( $domain, -1 ) == '.' ||
+                        count( $dc ) <= 1 ||
+                        count( $dc ) == 2 && $dc[0] === '' ) {
                        return false;
                }
 
-               $dc = explode( ".", $domain );
-
                // Only allow full, valid IP addresses
                if ( preg_match( '/^[0-9.]+$/', $domain ) ) {
                        if ( count( $dc ) != 4 ) {
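Review bot: The added check in the first `if` counts labels only, so it rejects `com` and `.com`, but a multi-label public suffix such as `.co.uk` or a value with an empty interior label such as `a..com` still passes it. The function continues past this hunk, so later code may already cover those cases; if it does not, a cookie could still be scoped to a whole registry suffix, and that is worth confirming with a test. The condition also mixes `||` and `&&` without grouping, which is correct by precedence but easy to misread in a security check; I would write the last clause as `( count( $dc ) == 2 && $dc[0] === '' )`. The comment above it is hard to parse and could read `// Don't allow a trailing dot, a name with no dot at all, or a bare TLD with only a leading dot (".com")`.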