BIN: Fix webtest script when : in cookies

If there was a colon in a cookie, the script would misidentify insecure cookie configurations
3 years ago · 1f29c17ab5
parent a3f75d9b32
commit 1f29c17ab5
1 changed files with 3 additions and 1 deletions
--- a/bin/.bin/webtest/analyse-headers
+++ b/bin/.bin/webtest/analyse-headers
@ -229,12 +229,14 @@ channel.\n\n"
 }

 test_set-cookie(){
-	local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
+	local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
 	local cookieName="$(echo "$value" | cut -d '=' -f 1)"
 	local ret=0
 	local output=""

 	if ! echo "$value" | grep -q "HttpOnly"; then
+		echo "$value"
+		echo "$value" | grep -q "HttpOnly" --color always
 		output+="The HttpOnly flag isn't set which means the cookie value can \
 be read by JavaScript. If a malicious actor manages to run JavaScript through \
 methods like XSS, they may be able to steal the contents of cookies\n\n"