Skip to content
Snippets Groups Projects
Verified Commit 9cd9c101 authored by edgul's avatar edgul Committed by ma1
Browse files

Bug 1802057 - Block the following characters from use in the cookie name in...

Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D182373
parent d6a3d0a2
No related branches found
No related tags found
1 merge request!1326Bug 43383: Rebased legacy onto 115.19.0esr
......@@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) {
bool CookieCommons::CheckName(const CookieStruct& aCookieData) {
const char illegalNameCharacters[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00};
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00};
const auto* start = aCookieData.name().BeginReading();
const auto* end = aCookieData.name().EndReading();
......
......@@ -11,36 +11,6 @@
[Cookie with %xd in name is rejected (DOM).]
expected: FAIL
[Cookie with %x7f in name is rejected (DOM).]
expected: FAIL
[Cookie with %x0 in name is rejected or modified (HTTP).]
expected: FAIL
[Cookie with %x1 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x2 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x3 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x4 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x5 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x6 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x7 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x8 in name is rejected (HTTP).]
expected: FAIL
[Cookie with %x9 in name is accepted (HTTP).]
expected: FAIL
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment