Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2014-8639.patch')
-rw-r--r--gnu/packages/patches/icecat-CVE-2014-8639.patch92
1 files changed, 92 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2014-8639.patch b/gnu/packages/patches/icecat-CVE-2014-8639.patch
new file mode 100644
index 0000000000..2610765f43
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2014-8639.patch
@@ -0,0 +1,92 @@
+From f80b2eefd451b8ed0fd783d9b9ed0412c8d46efd Mon Sep 17 00:00:00 2001
+From: Patrick McManus <mcmanus@ducksong.com>
+Date: Thu, 11 Dec 2014 13:55:16 -0500
+Subject: [PATCH] bug 1095859 - proxy tweak r=valentin.gosu a=bkerensa
+
+---
+ netwerk/protocol/http/nsHttpChannel.cpp | 7 ++++++-
+ netwerk/test/unit/test_auth_proxy.js | 29 +++++++++++++++++++++++++++++
+ 2 files changed, 35 insertions(+), 1 deletion(-)
+
+diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
+index f20e033..35e71c7 100644
+--- a/netwerk/protocol/http/nsHttpChannel.cpp
++++ b/netwerk/protocol/http/nsHttpChannel.cpp
+@@ -1237,7 +1237,12 @@ nsHttpChannel::ProcessResponse()
+ // notify "http-on-examine-response" observers
+ gHttpHandler->OnExamineResponse(this);
+
+- SetCookie(mResponseHead->PeekHeader(nsHttp::Set_Cookie));
++ // Cookies should not be handled on proxy failure either.
++ // This would be consolidated with ProcessSecurityHeaders but it should
++ // happen after OnExamineResponse.
++ if (!mTransaction->ProxyConnectFailed() && (httpStatus != 407)) {
++ SetCookie(mResponseHead->PeekHeader(nsHttp::Set_Cookie));
++ }
+
+ // handle unused username and password in url (see bug 232567)
+ if (httpStatus != 401 && httpStatus != 407) {
+diff --git a/netwerk/test/unit/test_auth_proxy.js b/netwerk/test/unit/test_auth_proxy.js
+index 6af4e98..9275d6d 100644
+--- a/netwerk/test/unit/test_auth_proxy.js
++++ b/netwerk/test/unit/test_auth_proxy.js
+@@ -172,6 +172,12 @@ var listener = {
+ // If we expect 200, the request should have succeeded
+ do_check_eq(this.expectedCode == 200, request.requestSucceeded);
+
++ var cookie = "";
++ try {
++ cookie = request.getRequestHeader("Cookie");
++ } catch (e) { }
++ do_check_eq(cookie, "");
++
+ } catch (e) {
+ do_throw("Unexpected exception: " + e);
+ }
+@@ -261,6 +267,25 @@ function test_all_ok() {
+ do_test_pending();
+ }
+
++function test_proxy_407_cookie() {
++ var chan = makeChan();
++ chan.notificationCallbacks = new Requestor(FLAG_RETURN_FALSE, 0);
++ chan.setRequestHeader("X-Set-407-Cookie", "1", false);
++ listener.expectedCode = 407; // Proxy Unauthorized
++ chan.asyncOpen(listener, null);
++
++ do_test_pending();
++}
++
++function test_proxy_200_cookie() {
++ var chan = makeChan();
++ chan.notificationCallbacks = new Requestor(0, 0);
++ chan.setRequestHeader("X-Set-407-Cookie", "1", false);
++ listener.expectedCode = 200; // OK
++ chan.asyncOpen(listener, null);
++ do_test_pending();
++}
++
+ function test_host_returnfalse() {
+ dump("\ntest: host returnfalse\n");
+ var chan = makeChan();
+@@ -301,6 +326,7 @@ function test_proxy_wrongpw_host_returnfalse() {
+ }
+
+ var tests = [test_proxy_returnfalse, test_proxy_wrongpw, test_all_ok,
++ test_proxy_407_cookie, test_proxy_200_cookie,
+ test_host_returnfalse, test_host_wrongpw,
+ test_proxy_wrongpw_host_wrongpw, test_proxy_wrongpw_host_returnfalse];
+
+@@ -331,6 +357,9 @@ function proxyAuthHandler(metadata, response) {
+ "Unauthorized by HTTP proxy");
+ response.setHeader("Proxy-Authenticate",
+ 'Basic realm="' + realm + '"', false);
++ if (metadata.hasHeader("X-Set-407-Cookie")) {
++ response.setHeader("Set-Cookie", "chewy", false);
++ }
+ body = "failed";
+ response.bodyOutputStream.write(body, body.length);
+ }
+--
+2.1.2
+
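Review bot: The regression check added to the listener in test_auth_proxy.js reads the request's `Cookie` header inside `try { … } catch (e) { }`, so any exception from `getRequestHeader`, not only the header being absent, leaves `cookie` empty and lets `do_check_eq(cookie, "")` pass. The check can also only see a stored cookie if the request is re-sent after the 407; that looks true for `test_proxy_200_cookie`, but probably not for `test_proxy_407_cookie`, whose Requestor is built with `FLAG_RETURN_FALSE`, so that test may pass with or without the new guard in `nsHttpChannel::ProcessResponse()`. Narrowing the handler, for example `} catch (e) { if (e.result != Components.results.NS_ERROR_NOT_AVAILABLE) throw e; }`, would stop it masking unrelated failures. The listener method and `proxyAuthHandler` both begin outside the embedded hunks, so this reading should be confirmed against the full test file. Separately, only the file name mentions CVE-2014-8639, so a short comment before the `From` line tying the patch to the CVE and to upstream bug 1095859 would help later audits.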