search

KawaiiBASIC / classilla

Automatically exported from code.google.com/p/classilla
0 stars 0 forks source link

Cookies far in the future overflow time [www.cartridgeshop.co.uk] [M195908 & deps] #210

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
http://www.cartridgeshop.co.uk/Catalog/2028/HP-Color-LaserJet-1600-Printer-Toner
-Cartridges.html
Clicking add to basket doesn't.
It does work (without JavaScript) in TenFourFox.
Not a regression as far back as 9.3.0.

Original issue reported on code.google.com by classi...@floodgap.com on 3 Jan 2013 at 4:38

GoogleCodeExporter commented 9 years ago 
While we're at it, should try to fix 
https://bugzilla.mozilla.org/show_bug.cgi?id=252342 (we have to do this 
ourselves, we have no eTLD service)

Original comment by classi...@floodgap.com on 3 Jan 2013 at 4:48

GoogleCodeExporter commented 9 years ago 
We'll need a cookie log.

Original comment by classi...@floodgap.com on 3 Jan 2013 at 4:54

GoogleCodeExporter commented 9 years ago 
Notice the HUID doesn't get incorporated.

0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:07 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/
0[7e2a11c]: cookie string: Device=; expires=Wed, 02-Jan-2013 04:58:17 GMT; 
path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:08 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: Device
0[7e2a11c]: value: 
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970
0[7e2a11c]: is secure: false
0[7e2a11c]: 
.
.
.
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/Catalog/7001/Brother-P-Touch-18R-Label-Printer-In
k-Cartridges.html
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:17 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/Catalog/7001/Brother-P-Touch-18R-Label-Printer-In
k-Cartridges.html
0[7e2a11c]: cookie string: Device=; expires=Wed, 02-Jan-2013 04:58:26 GMT; 
path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:17 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: Device
0[7e2a11c]: value: 
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970
0[7e2a11c]: is secure: false
0[7e2a11c]: 
.
.
.
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer/AddToBasket
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:24 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer/AddToBasket
0[7e2a11c]: cookie string: HUID=BKfd056817-5cb2-45f4-8f12-2bd3627d21d3-LV; 
expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: HUID
0[7e2a11c]: value: BKfd056817-5cb2-45f4-8f12-2bd3627d21d3-LV
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970
0[7e2a11c]: is secure: false
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer/AddToBasket
0[7e2a11c]: cookie string: CSC=; expires=Wed, 02-Jan-2013 04:58:34 GMT; path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: CSC
0[7e2a11c]: value: 
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970
0[7e2a11c]: is secure: false
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer
0[7e2a11c]: cookie string: CSC=1; expires=Thu, 10-Jan-2013 04:58:34 GMT; path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: CSC
0[7e2a11c]: value: 1
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan 10 13:01:26 2013
0[7e2a11c]: is secure: false
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE ACCEPTED =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/Offer
0[7e2a11c]: cookie string: Device=; expires=Wed, 02-Jan-2013 04:58:34 GMT; 
path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: Device
0[7e2a11c]: value: 
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970
0[7e2a11c]: is secure: false
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/assets/css/cartridgeshop.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/assets/css/reset.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/assets/css/typography.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/assets/css/global.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/assets/css/thickbox.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/assets/css/ui.tabs.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/assets/css/jquery.fancybox-1.3.4.css
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: http://www.cartridgeshop.co.uk/assets/js/cs-common.js
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/assets/js/jquery.fancybox-1.3.4.pack.js
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
https://www.cartridgeshop.co.uk/assets/js/googlecookie.js
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: https://maxemail.emailcenteruk.com/scripts/tracker.js
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:26 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
https://images.scanalert.com/meter/www.cartridgeshop.co.uk/13.gif
0[7e2a11c]: cookie string: (null)
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:26 2013
0[7e2a11c]: 
0[7e2a11c]: ===== COOKIE SENT =====
0[7e2a11c]: request URL: 
http://www.cartridgeshop.co.uk/assets/backgrounds/progress.gif
0[7e2a11c]: cookie string: CSC=1
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:27 2013
0[7e2a11c]:

Original comment by classi...@floodgap.com on 3 Jan 2013 at 5:02

GoogleCodeExporter commented 9 years ago 
We should look at https://bugzilla.mozilla.org/show_bug.cgi?id=187304

Original comment by classi...@floodgap.com on 3 Jan 2013 at 5:07

GoogleCodeExporter commented 9 years ago 
Actually, I see what's going on:
0[7e2a11c]: cookie string: HUID=BKfd056817-5cb2-45f4-8f12-2bd3627d21d3-LV; 
expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
0[7e2a11c]: current time (gmt): Thu Jan  3 13:01:25 2013
0[7e2a11c]: ----------------
0[7e2a11c]: name: HUID
0[7e2a11c]: value: BKfd056817-5cb2-45f4-8f12-2bd3627d21d3-LV
0[7e2a11c]: host: www.cartridgeshop.co.uk
0[7e2a11c]: path: /
0[7e2a11c]: expires (gmt): Thu Jan  1 08:00:01 1970

This is fixed somewhere in https://bugzilla.mozilla.org/show_bug.cgi?id=195908, 
but basically it's a time issue.

Original comment by classi...@floodgap.com on 3 Jan 2013 at 5:08

GoogleCodeExporter commented 9 years ago 
This is probably good to get in 9.3.2.

Original comment by classi...@floodgap.com on 3 Jan 2013 at 5:09

GoogleCodeExporter commented 9 years ago 
An easy solution is if the date is > the max date in 
https://bugzilla.mozilla.org/show_bug.cgi?id=187254, set it to the max date. 
This is just wallpaper though.

Original comment by classi...@floodgap.com on 3 Jan 2013 at 5:11

GoogleCodeExporter commented 9 years ago 
Actually, because this version of cookies relies on time_t instead of PRTime, 
we are limited to 32-bit timevals anyway. The second problem was that the time 
value *double* overflowed because of the year 9999, making time_t > 2^32 (not 
just 2^31), so it looked positive instead of negative despite time_t being 
signed ints in Mac OS 9. So we just compare the 64-bit intermediate result in 
cookie_ParseDate against MAX_INT and if it's already over, then we just make it 
MAX_INT. And that works.

Original comment by classi...@floodgap.com on 4 Jan 2013 at 2:52

GoogleCodeExporter commented 9 years ago

Original comment by classi...@floodgap.com on 6 Jan 2013 at 7:49