author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2022-08-16 18:36:12 +0900 |
committer | git <svn-admin@ruby-lang.org> | 2022-11-22 02:00:10 +0000 |
commit | c05f85f373ed48594d9bf08e11ae0c84c06062f7 (patch) | |
tree | 3570c9348f62857ee80c23c3532c009cc8220584 /test/cgi | |
parent | cf05c202ce7716748c4f2f9c24b52fe7f12d40fc (diff) |
[ruby/cgi] Check cookie name/path/domain characters
https://hackerone.com/reports/1204977
https://github.com/ruby/cgi/commit/30107a4797
Diffstat (limited to 'test/cgi')
-rw-r--r-- | test/cgi/test_cgi_cookie.rb | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
index 985cc0d7a1..2f09d0f9b2 100644
--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
@@ -118,6 +118,70 @@ class CGICookieTest < Test::Unit::TestCase
 end
+ def test_cgi_cookie_domain_injection_into_name
+ name = "a=b; domain=example.com;"
+ path = "/"
+ domain = "example.jp"
+ assert_raise(ArgumentError) do
+ CGI::Cookie.new('name' => name,
+ 'value' => "value",
+ 'domain' => domain,
+ 'path' => path)
+ end
+ end
+
+ def test_cgi_cookie_newline_injection_into_name
+ name = "a=b;\r\nLocation: http://example.com#"
+ path = "/"
+ domain = "example.jp"
+ assert_raise(ArgumentError) do
+ CGI::Cookie.new('name' => name,
+ 'value' => "value",
+ 'domain' => domain,
+ 'path' => path)
+ end
+ end
+
+ def test_cgi_cookie_multibyte_injection_into_name
+ name = "a=b;\u3042"
+ path = "/"
+ domain = "example.jp"
+ assert_raise(ArgumentError) do
+ CGI::Cookie.new('name' => name,
+ 'value' => "value",
+ 'domain' => domain,
+ 'path' => path)
+ end
+ end
+
+ def test_cgi_cookie_injection_into_path
+ name = "name"
+ path = "/; samesite=none"
+ domain = "example.jp"
+ assert_raise(ArgumentError) do
+ CGI::Cookie.new('name' => name,
+ 'value' => "value",
+ 'domain' => domain,
+ 'path' => path)
+ end
+ end
+
+ def test_cgi_cookie_injection_into_domain
+ name = "name"
+ path = "/"
+ domain = "example.jp; samesite=none"
+ assert_raise(ArgumentError) do
+ CGI::Cookie.new('name' => name,
+ 'value' => "value",
+ 'domain' => domain,
+ 'path' => path)
+ end
+ end
+
 instance_methods.each do |method|
 private method if method =~ /^test_(.*)/ && $1 != ENV['TEST'] |
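Review bot: test_cgi_cookie_multibyte_injection_into_name and test_cgi_cookie_newline_injection_into_name do not isolate the character they are named for, because both names also begin with "a=b;", so either test would still pass if the new check rejected only `;`/`=` and let CRLF or non-ASCII bytes through. Using a name that contains only the character under test, e.g. `name = "\u3042"` and `name = "a\r\nb"`, would pin the multibyte and CRLF rejections separately from the delimiter check. The five tests differ only in their inputs; a small helper taking name/path/domain would keep them readable as further cases are added. Whether the attribute writers (name=, path=, domain=) are validated in the same way cannot be seen from this test-only hunk; if they are, a parallel assertion against them would cover that path as well.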