mirror of
https://github.com/golang/go
synced 2024-11-22 02:44:39 -07:00
http: don't quote Set-Cookie Domain and Path
Fixes #1659 R=rsc, bradfitzgo, bradfitzwork CC=bradfitz, golang-dev https://golang.org/cl/4368052
This commit is contained in:
parent
a49e7f393f
commit
8b35293070
@ -142,12 +142,12 @@ func writeSetCookies(w io.Writer, kk []*Cookie) os.Error {
|
|||||||
var b bytes.Buffer
|
var b bytes.Buffer
|
||||||
for _, c := range kk {
|
for _, c := range kk {
|
||||||
b.Reset()
|
b.Reset()
|
||||||
fmt.Fprintf(&b, "%s=%s", c.Name, c.Value)
|
fmt.Fprintf(&b, "%s=%s", sanitizeName(c.Name), sanitizeValue(c.Value))
|
||||||
if len(c.Path) > 0 {
|
if len(c.Path) > 0 {
|
||||||
fmt.Fprintf(&b, "; Path=%s", URLEscape(c.Path))
|
fmt.Fprintf(&b, "; Path=%s", sanitizeValue(c.Path))
|
||||||
}
|
}
|
||||||
if len(c.Domain) > 0 {
|
if len(c.Domain) > 0 {
|
||||||
fmt.Fprintf(&b, "; Domain=%s", URLEscape(c.Domain))
|
fmt.Fprintf(&b, "; Domain=%s", sanitizeValue(c.Domain))
|
||||||
}
|
}
|
||||||
if len(c.Expires.Zone) > 0 {
|
if len(c.Expires.Zone) > 0 {
|
||||||
fmt.Fprintf(&b, "; Expires=%s", c.Expires.Format(time.RFC1123))
|
fmt.Fprintf(&b, "; Expires=%s", c.Expires.Format(time.RFC1123))
|
||||||
@ -225,7 +225,7 @@ func readCookies(h Header) []*Cookie {
|
|||||||
func writeCookies(w io.Writer, kk []*Cookie) os.Error {
|
func writeCookies(w io.Writer, kk []*Cookie) os.Error {
|
||||||
lines := make([]string, 0, len(kk))
|
lines := make([]string, 0, len(kk))
|
||||||
for _, c := range kk {
|
for _, c := range kk {
|
||||||
lines = append(lines, fmt.Sprintf("Cookie: %s=%s\r\n", c.Name, c.Value))
|
lines = append(lines, fmt.Sprintf("Cookie: %s=%s\r\n", sanitizeName(c.Name), sanitizeValue(c.Value)))
|
||||||
}
|
}
|
||||||
sort.SortStrings(lines)
|
sort.SortStrings(lines)
|
||||||
for _, l := range lines {
|
for _, l := range lines {
|
||||||
@ -236,6 +236,19 @@ func writeCookies(w io.Writer, kk []*Cookie) os.Error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func sanitizeName(n string) string {
|
||||||
|
n = strings.Replace(n, "\n", "-", -1)
|
||||||
|
n = strings.Replace(n, "\r", "-", -1)
|
||||||
|
return n
|
||||||
|
}
|
||||||
|
|
||||||
|
func sanitizeValue(v string) string {
|
||||||
|
v = strings.Replace(v, "\n", " ", -1)
|
||||||
|
v = strings.Replace(v, "\r", " ", -1)
|
||||||
|
v = strings.Replace(v, ";", " ", -1)
|
||||||
|
return v
|
||||||
|
}
|
||||||
|
|
||||||
func unquoteCookieValue(v string) string {
|
func unquoteCookieValue(v string) string {
|
||||||
if len(v) > 1 && v[0] == '"' && v[len(v)-1] == '"' {
|
if len(v) > 1 && v[0] == '"' && v[len(v)-1] == '"' {
|
||||||
return v[1 : len(v)-1]
|
return v[1 : len(v)-1]
|
||||||
|
@ -21,9 +21,13 @@ var writeSetCookiesTests = []struct {
|
|||||||
[]*Cookie{
|
[]*Cookie{
|
||||||
&Cookie{Name: "cookie-1", Value: "v$1"},
|
&Cookie{Name: "cookie-1", Value: "v$1"},
|
||||||
&Cookie{Name: "cookie-2", Value: "two", MaxAge: 3600},
|
&Cookie{Name: "cookie-2", Value: "two", MaxAge: 3600},
|
||||||
|
&Cookie{Name: "cookie-3", Value: "three", Domain: ".example.com"},
|
||||||
|
&Cookie{Name: "cookie-4", Value: "four", Path: "/restricted/"},
|
||||||
},
|
},
|
||||||
"Set-Cookie: cookie-1=v$1\r\n" +
|
"Set-Cookie: cookie-1=v$1\r\n" +
|
||||||
"Set-Cookie: cookie-2=two; Max-Age=3600\r\n",
|
"Set-Cookie: cookie-2=two; Max-Age=3600\r\n" +
|
||||||
|
"Set-Cookie: cookie-3=three; Domain=.example.com\r\n" +
|
||||||
|
"Set-Cookie: cookie-4=four; Path=/restricted/\r\n",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user