[or-cvs] [torbutton/master] Fix 2377: Limit the Google captcha cookies we copy between domains.
mikeperry at torproject.org
mikeperry at torproject.org
Sun Feb 13 12:50:40 UTC 2011
commit b143912172615d4d1a366f6fb4f1fffbb356b37c
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Sun Feb 13 04:45:31 2011 -0800
Fix 2377: Limit the Google captcha cookies we copy between domains.
I couldn't reproduce the issue with this fix, but reproduction seems random
and erratic, so maybe it is not fixed still..
---
src/chrome/content/torbutton.js | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js
index 3d4d0dc..54e15f4 100644
--- a/src/chrome/content/torbutton.js
+++ b/src/chrome/content/torbutton.js
@@ -2873,7 +2873,9 @@ function torbutton_xfer_google_cookies(subject, topic, data) {
/^(\.www|www|)\.google\.(co\.\S\S|com|\S\S|com\.\S\S)$/);
}
// Copy all relevent cookies (except for ssl)
- if (hostmatched && !cookie.isSecure) {
+ // only copy captcha cookie ("S"?)
+ if (hostmatched && !cookie.isSecure
+ && (cookie.name in {"S":1,"NID":1,"PREF":1,"GDSESS":1,"SNID":1})) {
copy_cookies.push(cookie);
}
}
More information about the tor-commits
mailing list