Bug 28037 - logging: ${cookie}C matches first substring
Summary: logging: ${cookie}C matches first substring
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_log_config
Version: 2.0-HEAD
Hardware: All All
Importance: P3 normal with 16 votes
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: FixedInTrunk, PatchAvailable
Duplicates: 27823, 49166
Depends on:
Blocks:
 
Reported: 2004-03-30 03:55 UTC by Dan Franklin
Modified: 2010-08-24 02:47 UTC



Attachments
Patch to fix bugs in log_cookie function in mod_log_config.c (2.11 KB, patch)
2004-03-30 04:02 UTC, Dan Franklin

Description Dan Franklin 2004-03-30 03:55:53 UTC
(This bug report supersedes bug 27823.)

%{cookname}C will log the value of the first cookie whose name includes
"cookname" as any substring.  To reproduce, configure httpd with a LogFormat such as
Comment 1 Dan Franklin 2004-03-30 04:01:39 UTC
(This bug report supersedes bug 27823.)

%{cookname}C will log the value of the first cookie whose name includes
"cookname" as any substring.  To reproduce, configure httpd with a LogFormat such as

LogFormat "%{cook}C %t \"%r\" %>s %b" commontest
CustomLog logs/access_log commontest

Now test it with a cookie header that starts with a cookie named "logcookie":

GET -d -H 'Cookie: logcookie=wrong_value; cook=right_value' http://127.0.0.1/

Examine access_log and see that the wrong_value has been captured:

127.0.0.1 e=wrong_value - [29/Mar/2004:22:59:08 -0500] "GET / HTTP/1.1" 200 1456

The attached patch fixes this bug, and also brings %{...}C into compliance with
RFC 2109, which says that cookie names are case-independent and white space
is permitted around the '=' separating the name and value.

Comment 2 Dan Franklin 2004-03-30 04:02:49 UTC
Created attachment 11040 [details]
Patch to fix bugs in log_cookie function in mod_log_config.c
Comment 3 Jeff Trawick 2004-03-30 10:21:54 UTC
*** Bug 27823 has been marked as a duplicate of this bug. ***
Comment 4 Y. Wayne Huang 2006-11-11 16:59:13 UTC
as of 2.0.59 this bug still exists.  ALSO, the description is incorrect.  the 
returned cookie's value will be whatever value starts at 1 position after the 
end of the match of the cookie's name to *ANY* part of the Cookie header 
string to the next ';' or end of string.  thus, if i want cookie "b" and have 
HTTP_COOKIE of

"auth=FNsijUa5mbFSzPZRqxP5aQ; userId=536; b=95b803f5ed27fe13b84b186559553aaf835082952f54a0b7c7ea"

the value returned will be "SzPZRqxP5aQ".  the patch looks like it'll solve 
this problem.
Comment 5 Y. Wayne Huang 2006-11-13 11:23:00 UTC
patch confirmed to work in 2.0.59

(In reply to comment #4)
> the value returned will be "SzPZRqxP5aQ".  the patch looks like it'll solve 
> this problem.

Comment 6 Stefan Fritsch 2009-11-07 11:20:58 UTC
fixed in trunk in r833738
Comment 7 Stefan Fritsch 2010-04-21 16:38:17 UTC
*** Bug 49166 has been marked as a duplicate of this bug. ***
Comment 8 Stefan Fritsch 2010-05-10 16:27:52 UTC
proposed for backport to 2.2.x in r942891

> Stefan: how would I go about agitating for a backport?
Gervase: Posting to the bug report is the correct first step. If nobody reacts in a few weeks, mailing to the httpd-dev mailing list is a good idea.
Comment 9 Ruediger Pluem 2010-08-24 02:47:31 UTC
Backported to 2.2.x as r988403.
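
The lookup behaviour reported in comments 1 and 4, modelled next to a whole-name match, as an added example (this is not the httpd source and not the attached patch). The function names `lookup_substring` and `lookup_exact` are hypothetical; the sample header in `main` is the one quoted in comment 1.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Model of the reported behaviour: match name anywhere in the header, skip
 * one character (assumed to be '='), take everything up to the next ';'. */
static int lookup_substring(const char *hdr, const char *name, char *out, size_t n)
{
    const char *p = strstr(hdr, name);
    if (!p) return 0;
    p += strlen(name);
    if (*p) p++;
    snprintf(out, n, "%.*s", (int)strcspn(p, ";"), p);
    return 1;
}

/* Token-aware lookup: split on ';', compare the whole name ignoring case,
 * and allow white space around '=' (the rules the report cites). */
static int lookup_exact(const char *hdr, const char *name, char *out, size_t n)
{
    size_t nlen = strlen(name);
    for (const char *p = hdr; *p; ) {
        while (*p == ';' || isspace((unsigned char)*p)) p++;
        const char *end = p + strcspn(p, ";");          /* end of this pair */
        const char *eq = memchr(p, '=', (size_t)(end - p)), *ne = eq;
        while (eq && ne > p && isspace((unsigned char)ne[-1])) ne--;
        if (eq && (size_t)(ne - p) == nlen && strncasecmp(p, name, nlen) == 0) {
            const char *v = eq + 1;
            while (v < end && isspace((unsigned char)*v)) v++;
            while (end > v && isspace((unsigned char)end[-1])) end--;
            snprintf(out, n, "%.*s", (int)(end - v), v);
            return 1;
        }
        p = end;
    }
    return 0;
}

int main(void)
{
    char a[64], b[64];
    const char *hdr = "logcookie=wrong_value; cook=right_value"; /* from the report */
    if (lookup_substring(hdr, "cook", a, sizeof a) && lookup_exact(hdr, "cook", b, sizeof b))
        printf("substring: %s\nexact:     %s\n", a, b);
    return 0;
}
```

When reviewing access logs written by an unpatched build, treat any `%{name}C` field as untrusted: a client can choose which bytes land there by sending another cookie whose name or value contains `name`.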