[Webkit-unassigned] [Bug 96467] New: Double Cookie with comma as "seperator" causes QuickTime to crash
bugzilla-daemon at webkit.org
Tue Sep 11 22:06:16 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=96467
Summary: Double Cookie with comma as "seperator" causes
QuickTime to crash
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Web Inspector
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: xn--mlform-iua at xn--mlform-iua.no
CC: timothy at apple.com, abarth at webkit.org, rik at webkit.org,
keishi at webkit.org, pmuellr at yahoo.com,
joepeck at webkit.org, pfeldman at chromium.org,
yurys at chromium.org, bweinstein at apple.com,
apavlov at chromium.org, loislo at chromium.org,
caseq at chromium.org, vsevik at chromium.org
SUMMARY:
Video and audio files served with the popular open-source e-Learning system ATutor (currently at version 2.0.3) cause the QuickTime plug-in to crash in WebKit and Safari for Windows, OSX and iOS. This QuickTime plug-in crash does however not affect other browsers when or if they use the QuickTime plug-in. (For example IE and Firefox and Opera are not affected.)
HOW TO REPLICATE, WITH ATUTOR 2.0.3
1. When trying to play e.g. an MP3 file - either by clicking a link
or by activating an <audio> element player
2. ATutor sends a cookie such as this one (I split it over 3 lines):
Set-Cookie:
ATutorID=17bea4674128b984e18b7d5a73f1a138; path=/foo/,
ATutorID=17bea4674128b984e18b7d5a73f1a138; path=/foo/
3. Note the comma on the second line. Note also the lack of
semicolon.
4. Firefox interprets the above as two identical cookies, and thus it
probably deletes the first cookie and keeps the last.
Thus Firefox sees the above as equivalent to these two lines:
Set-Cookie: A=B C=D;
Set-Cookie: A=B C=D;
5. Safari, however, probably sees it as a single, very long
cookie. We could describe it as
ATutorID + ATutorID = ATutorIDATutorID
HOWEVER: This is difficult to verify because, although I can see
the cookie(s) in my browser (iCab)’s console, I cannot find it
in its cookie storage.
RESULTS:
A) As soon as I activate the MP3 file, I am kicked out of ATutor.
B) If the QuickTime player opened, then QuickTime crashes
C) If the Audio player opened, then the player halts - it loads
and loads, but nothing happens.
THEORIES:
* Maybe the issue is that QuickTime is unable to handle the cookie?
* What speaks against that is that if I disable QuickTime (the iCab
browser allows me to do that) I am still kicked out of ATutor when
I click the MP3 link.
* Maybe the issue is that this "double" cookie causes the old cookie
to be invalidated or unset, without a new cookie being set - with
the result that I get logged out.
REFERENCES:
There is an ATutor bug report here:
* http://atutor.ca/atutor/mantis/view.php?id=5065#c5840
The ATutor bug report informs how you can experience the bug here:
* http://atutor.ca/atutor/demo/content.php?cid=5580
I suspect that this bug is related to Bug 62700
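The two readings of the header that the report describes can be reproduced side by side. The following is an added example, not part of the original report and not WebKit or ATutor code: it parses the quoted Set-Cookie value once as a single cookie string split only on semicolons (the RFC 6265 algorithm) and once with commas treated as cookie separators, and adds a check a server operator could run on outgoing headers. The function names are hypothetical, and the header is reconstructed as one line from the three lines quoted in the report.

```javascript
// Constructed from the header quoted in the report, joined into one line.
const HEADER = "ATutorID=17bea4674128b984e18b7d5a73f1a138; path=/foo/, " +
               "ATutorID=17bea4674128b984e18b7d5a73f1a138; path=/foo/";

// Reading 1: the whole value is ONE cookie string, split on ";" only.
// A comma has no special meaning here, so it ends up inside an attribute value.
function parseSetCookie(str) {
  const parts = str.split(";");
  const pair = parts.shift();
  const eq = pair.indexOf("=");
  const name = eq < 0 ? "" : pair.slice(0, eq).trim();
  if (name === "") return null; // no usable name=value pair: ignore the header
  const cookie = { name, value: pair.slice(eq + 1).trim(), attrs: [] };
  for (const part of parts) {
    const i = part.indexOf("=");
    const attrName = (i < 0 ? part : part.slice(0, i)).trim().toLowerCase();
    const attrValue = i < 0 ? "" : part.slice(i + 1).trim();
    cookie.attrs.push([attrName, attrValue]);
  }
  return cookie;
}

// Reading 2: a comma followed by "token=" starts a new cookie.
// The lookahead keeps the comma inside an Expires date from splitting.
function parseCommaFolded(str) {
  return str.split(/,\s*(?=[^;,=\s]+=)/).map(parseSetCookie).filter(Boolean);
}

// Server-side check: does a Set-Cookie value carry a second "name=" after a
// comma inside an attribute value, i.e. two cookies folded into one header?
function looksFolded(str) {
  const cookie = parseSetCookie(str);
  if (!cookie) return false;
  return cookie.attrs.some(([, v]) => /,\s*[^;,=\s]+=/.test(v));
}

const single = parseSetCookie(HEADER);
console.log("one cookie string:", single.name, JSON.stringify(single.attrs));
console.log("comma-separated  :", parseCommaFolded(HEADER).map((c) => c.name));
console.log("folded header?   :", looksFolded(HEADER));
```

Under the first reading the first path attribute value is "/foo/, ATutorID=17bea4674128b984e18b7d5a73f1a138", which shows why clients that disagree on the comma end up with different cookie state. Sending each cookie in its own Set-Cookie header removes the ambiguity.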