From dea648a9e3d554c9afc1dd95b1aa3d752516c54e Mon Sep 17 00:00:00 2001 From: Nick Vatamaniuc Date: Tue, 14 Jan 2020 11:34:19 -0500 Subject: Ignore other cookies in replication auth session plugin If we somehow get any other cookies in don't spam the logs with error messages. --- src/couch_replicator/src/couch_replicator_auth_session.erl | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/couch_replicator/src/couch_replicator_auth_session.erl b/src/couch_replicator/src/couch_replicator_auth_session.erl index 30f499a33..7e66c500d 100644 --- a/src/couch_replicator/src/couch_replicator_auth_session.erl +++ b/src/couch_replicator/src/couch_replicator_auth_session.erl @@ -461,7 +461,7 @@ parse_cookie(Headers0) -> CaseInsKVs = mochiweb_headers:make(CookieKVs), case mochiweb_headers:get_value("AuthSession", CaseInsKVs) of undefined -> - {error, cookie_format_invalid}; + {error, cookie_not_found}; Cookie -> MaxAge = parse_max_age(CaseInsKVs), {ok, MaxAge, Cookie} @@ -646,6 +646,7 @@ cookie_update_test_() -> t_process_auth_failure_stale_epoch(), t_process_auth_failure_too_frequent(), t_process_ok_update_cookie(), + t_process_ok_ignore_other_cookies(), t_process_ok_no_cookie(), t_init_state_fails_on_401(), t_init_state_401_with_require_valid_user(), @@ -731,6 +732,17 @@ t_process_ok_update_cookie() -> end). +t_process_ok_ignore_other_cookies() -> + ?_test(begin + Headers = [{"set-CookiE", "Other=xyz; Path=/;"}, {"X", "y"}], + Res = process_response(200, Headers, 1, #state{}), + ?assertMatch({continue, #state{cookie = undefined, epoch = 0}}, Res), + State = #state{cookie = "mycookie", epoch = 5}, + Res2 = process_response(200, Headers, 1, State), + ?assertMatch({continue, #state{cookie = "mycookie", epoch = 5}}, Res2) + end). + + t_process_ok_no_cookie() -> ?_test(begin Headers = [{"X", "y"}], -- cgit v1.2.1