feat(std/http): Add Cookie value validation (#8471)

author: Yasser A.Idrissi <spookyframework@gmail.com> 2020-12-01 14:23:03 +0100
committer: GitHub <noreply@github.com> 2020-12-01 14:23:03 +0100
commit: 447f3fe410c85e153a518474789682f2accab740 (patch)
tree: 1403ec16eb1f9c847ebff3f8e0186626f9d02ac2 /std/http/cookie_test.ts
parent: 5560a6d589ea3414d01b684b59769625c3576e8a (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/std/http/cookie_test.ts b/std/http/cookie_test.ts
index bc45b2996..09d6764af 100644
--- a/std/http/cookie_test.ts
+++ b/std/http/cookie_test.ts
@@ -66,6 +66,44 @@ Deno.test({
 });
 
 Deno.test({
+  name: "Cookie Value Validation",
+  fn(): void {
+    const res: Response = {};
+    const tokens = [
+      "1f\tWa",
+      "\t",
+      "1f Wa",
+      "1f;Wa",
+      '"1fWa',
+      "1f\\Wa",
+      '1f"Wa',
+      '"',
+      "1fWa\u0005",
+      "1f\u0091Wa",
+    ];
+    res.headers = new Headers();
+    tokens.forEach((value) => {
+      assertThrows(
+        (): void => {
+          setCookie(
+            res,
+            {
+              name: "Space",
+              value,
+              httpOnly: true,
+              secure: true,
+              maxAge: 3,
+            },
+          );
+        },
+        Error,
+        "RFC2616 cookie 'Space'",
+      );
+    });
+  },
+});
+
+Deno.test({
   name: "Cookie Path Validation",
   fn(): void {
     const res: Response = {};
author	Yasser A.Idrissi <spookyframework@gmail.com>	2020-12-01 14:23:03 +0100
committer	GitHub <noreply@github.com>	2020-12-01 14:23:03 +0100
commit	447f3fe410c85e153a518474789682f2accab740 (patch)
tree	1403ec16eb1f9c847ebff3f8e0186626f9d02ac2 /std/http/cookie_test.ts
parent	5560a6d589ea3414d01b684b59769625c3576e8a (diff)