net/http: update sanitizeCookieValue description

Commit 8f6d68eb (CL 37328) changed the code of sanitizeCookieValue without updating its description. Change-Id: Ib4a1a1f316548258b828458a31b09706bbd59b53 GitHub-Last-Rev: 9731494e17 GitHub-Pull-Request: golang/go#34790 Reviewed-on: https://go-review.googlesource.com/c/go/+/200041 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2024-11-18 04:34:52 -07:00 · 2019-10-22 15:00:07 +00:00 · 2019-10-22 15:00:07 +00:00 · 07ccdeb192
commit 07ccdeb192
parent ea726d8dc6
1 changed files with 3 additions and 2 deletions
--- a/src/net/http/cookie.go
+++ b/src/net/http/cookie.go
@ -353,6 +353,7 @@ func sanitizeCookieName(n string) string {
 	return cookieNameSanitizer.Replace(n)
 }

+// sanitizeCookieValue produces a suitable cookie-value from v.
 // https://tools.ietf.org/html/rfc6265#section-4.1.1
 // cookie-value      = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
 // cookie-octet      = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
@ -360,8 +361,8 @@ func sanitizeCookieName(n string) string {
 //           ; whitespace DQUOTE, comma, semicolon,
 //           ; and backslash
 // We loosen this as spaces and commas are common in cookie values
-// but we produce a quoted cookie-value in when value starts or ends
-// with a comma or space.
+// but we produce a quoted cookie-value if and only if v contains
+// commas or spaces.
 // See https://golang.org/issue/7243 for the discussion.
 func sanitizeCookieValue(v string) string {
 	v = sanitizeOrWarn("Cookie.Value", validCookieValueByte, v)