OddBloke/reproduce.sh

## reproduce.sh
#!/bin/bash
set -m

cleanup () {
    jobs -p | xargs kill -INT
}

python source.py &
python target.py &

sleep 1

# Note that we get 127.0.0.1 but are redirected to localhost; we need
# different host names (not just different ports)
COOKIES=$(python -c "import requests; print requests.get('http://127.0.0.1:9001').content")
if [[ "$COOKIES" == *"super secret"* ]]; then
    echo "TEST FAILED; FOUND COOKIE AFTER REDIRECT"
    cleanup
    exit 1
fi
echo "TEST PASSED"

trap 'cleanup' EXIT

## requirements.txt
bottle
requests

## source.py
from bottle import redirect, response, route, run


@route('/')
def index():
    response.set_cookie('source_cookie', 'super secret')
    redirect('http://localhost:9002/')

run(host='localhost', port=9001)

## target.py
from bottle import request, route, run


@route('/')
def index():
    return '\n'.join([
        '{}: {}'.format(key, value)
        for key, value in request.cookies.items()])

run(host='localhost', port=9002)
	#!/bin/bash
	set -m

	cleanup () {
	jobs -p \| xargs kill -INT
	}

	python source.py &
	python target.py &

	sleep 1

	# Note that we get 127.0.0.1 but are redirected to localhost; we need
	# different host names (not just different ports)
	COOKIES=$(python -c "import requests; print requests.get('http://127.0.0.1:9001').content")
	if [[ "$COOKIES" == "super secret" ]]; then
	echo "TEST FAILED; FOUND COOKIE AFTER REDIRECT"
	cleanup
	exit 1
	fi
	echo "TEST PASSED"

	trap 'cleanup' EXIT
	from bottle import redirect, response, route, run


	@route('/')
	def index():
	response.set_cookie('source_cookie', 'super secret')
	redirect('http://localhost:9002/')

	run(host='localhost', port=9001)
	from bottle import request, route, run


	@route('/')
	def index():
	return '\n'.join([
	'{}: {}'.format(key, value)
	for key, value in request.cookies.items()])

	run(host='localhost', port=9002)