summaryrefslogtreecommitdiff
path: root/core/java/android/webkit/CookieManager.java
diff options
context:
space:
mode:
authorGrace Kloba <klobag@google.com>2009-08-16 00:05:01 -0700
committerGrace Kloba <klobag@google.com>2009-08-16 00:05:01 -0700
commitdbdad99813be49f2a64b876507ae18db42db7bbc (patch)
treea6a8ec6e1fc77ae4216927d7e6af34b79ab080f3 /core/java/android/webkit/CookieManager.java
parent0cd48879dca53a9f4d449126d406527bc4b94baf (diff)
Fix a cookie bug. If "secure" is in the end of the string, it was ignored.
Diffstat (limited to 'core/java/android/webkit/CookieManager.java')
-rw-r--r--core/java/android/webkit/CookieManager.java6
1 files changed, 4 insertions, 2 deletions
diff --git a/core/java/android/webkit/CookieManager.java b/core/java/android/webkit/CookieManager.java
index d188a3986118..fca591f4fb7a 100644
--- a/core/java/android/webkit/CookieManager.java
+++ b/core/java/android/webkit/CookieManager.java
@@ -833,22 +833,24 @@ public final class CookieManager {
// "secure" is a known attribute doesn't use "=";
// while sites like live.com uses "secure="
- if (length - index > SECURE_LENGTH
+ if (length - index >= SECURE_LENGTH
&& cookieString.substring(index, index + SECURE_LENGTH).
equalsIgnoreCase(SECURE)) {
index += SECURE_LENGTH;
cookie.secure = true;
+ if (index == length) break;
if (cookieString.charAt(index) == EQUAL) index++;
continue;
}
// "httponly" is a known attribute doesn't use "=";
// while sites like live.com uses "httponly="
- if (length - index > HTTP_ONLY_LENGTH
+ if (length - index >= HTTP_ONLY_LENGTH
&& cookieString.substring(index,
index + HTTP_ONLY_LENGTH).
equalsIgnoreCase(HTTP_ONLY)) {
index += HTTP_ONLY_LENGTH;
+ if (index == length) break;
if (cookieString.charAt(index) == EQUAL) index++;
// FIXME: currently only parse the attribute
continue;
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-25 02:40:33 +0000