* Allow cookies with spaces in the name
* Apply suggestions from code review
Co-Authored-By: PaitoAnderson <pj.paito@gmail.com>
* Added supporting HttpClient functional cookie test
* Updated UWP cookie class and added additional tests
* Prevent cookies with spaces at the start or end
* Forgot UWP
* Fix could allocate on trim
Co-Authored-By: Ben Adams <thundercat@illyriad.co.uk>
* Better cookie space start/end check
Co-Authored-By: Ben Adams <thundercat@illyriad.co.uk>
* Bring checks into line
Co-Authored-By: Ben Adams <thundercat@illyriad.co.uk>
* Skip test on .net framework
* Skip additional tests on .net framework
* Fix typo
Commit migrated from https://github.com/dotnet/corefx/commit/
8a22438a1af870cdd04eaf798b155b8a1ab04cb4
internal const string SpecialAttributeLiteral = "$";
internal static readonly char[] PortSplitDelimiters = new char[] { ' ', ',', '\"' };
- internal static readonly char[] Reserved2Name = new char[] { ' ', '\t', '\r', '\n', '=', ';', ',' };
+ // Space (' ') should be reserved as well per RFCs, but major web browsers support it and some web sites use it - so we support it too
+ internal static readonly char[] Reserved2Name = new char[] { '\t', '\r', '\n', '=', ';', ',' };
internal static readonly char[] Reserved2Value = new char[] { ';', ',' };
// fields
internal bool InternalSetName(string value)
{
- if (string.IsNullOrEmpty(value) || value[0] == '$' || value.IndexOfAny(Reserved2Name) != -1)
+ if (string.IsNullOrEmpty(value) || value[0] == '$' || value.IndexOfAny(Reserved2Name) != -1 || value[0] == ' ' || value[value.Length - 1] == ' ')
{
m_name = string.Empty;
return false;
}
//Check the name
- if (m_name == null || m_name.Length == 0 || m_name[0] == '$' || m_name.IndexOfAny(Reserved2Name) != -1)
+ if (string.IsNullOrEmpty(m_name) || m_name[0] == '$' || m_name.IndexOfAny(Reserved2Name) != -1 || m_name[0] == ' ' || m_name[m_name.Length - 1] == ' ')
{
if (isThrow)
{
yield return new object[] { "Hello", "World", useCookies };
yield return new object[] { "foo", "bar", useCookies };
+ if (!PlatformDetection.IsFullFramework) {
+ yield return new object[] { "Hello World", "value", useCookies };
+ }
+
yield return new object[] { ".AspNetCore.Session", "RAExEmXpoCbueP_QYM", useCookies };
yield return new object[]
144, "Set-Cookie: name=value", null
};
+ if (!PlatformDetection.IsFullFramework)
+ {
+ yield return new object[]
+ {
+ new CookieCollection()
+ {
+ new Cookie("foo bar", "value")
+ },
+ 147, "Set-Cookie: foo bar=value", null
+ };
+ }
+
yield return new object[]
{
new CookieCollection()
internal const string SpecialAttributeLiteral = "$";
internal static readonly char[] PortSplitDelimiters = new char[] { ' ', ',', '\"' };
- internal static readonly char[] ReservedToName = new char[] { ' ', '\t', '\r', '\n', '=', ';', ',' };
+ // Space (' ') should be reserved as well per RFCs, but major web browsers support it and some web sites use it - so we support it too
+ internal static readonly char[] ReservedToName = new char[] { '\t', '\r', '\n', '=', ';', ',' };
internal static readonly char[] ReservedToValue = new char[] { ';', ',' };
private string m_comment = string.Empty; // Do not rename (binary serialization)
#endif
bool InternalSetName(string value)
{
- if (string.IsNullOrEmpty(value) || value[0] == '$' || value.IndexOfAny(ReservedToName) != -1)
+ if (string.IsNullOrEmpty(value) || value[0] == '$' || value.IndexOfAny(ReservedToName) != -1 || value[0] == ' ' || value[value.Length - 1] == ' ')
{
m_name = string.Empty;
return false;
}
// Check the name
- if (m_name == null || m_name.Length == 0 || m_name[0] == '$' || m_name.IndexOfAny(ReservedToName) != -1)
+ if (string.IsNullOrEmpty(m_name) || m_name[0] == '$' || m_name.IndexOfAny(ReservedToName) != -1 || m_name[0] == ' ' || m_name[m_name.Length - 1] == ' ')
{
if (shouldThrow)
{
[Fact]
public static void Name_GetSet_Success()
{
- Cookie c = new Cookie();
- Assert.Equal(string.Empty, c.Name);
+ Cookie c1 = new Cookie();
+ Assert.Equal(string.Empty, c1.Name);
- c.Name = "hello";
- Assert.Equal("hello", c.Name);
+ c1.Name = "hello";
+ Assert.Equal("hello", c1.Name);
+
+ if (!PlatformDetection.IsFullFramework)
+ {
+ Cookie c2 = new Cookie();
+ c2.Name = "hello world";
+ Assert.Equal("hello world", c2.Name);
+ }
}
[Theory]
[InlineData("")]
[InlineData("$hello")]
[InlineData("hello ")]
+ [InlineData(" hello")]
[InlineData("hello\t")]
[InlineData("hello\r")]
[InlineData("hello\n")]
new Cookie("_m_ask_fm_session", "session1")
}
}; // Empty header followed by another empty header at the end
+
+ if (!PlatformDetection.IsFullFramework)
+ {
+ yield return new object[]
+ {
+ uSecure,
+ "hello world=value",
+ new Cookie[]
+ {
+ new Cookie("hello world", "value"),
+ }
+ }; // Name with space in it
+ }
}
[Theory]