feat(std/http): Check if cookie property is valid (#7189)

Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>

1 files changed, 35 insertions, 1 deletions

diff --git a/std/http/cookie_test.ts b/std/http/cookie_test.ts
index 0f7c68635..0f42a9381 100644
--- a/std/http/cookie_test.ts
+++ b/std/http/cookie_test.ts
@@ -1,7 +1,7 @@
 // Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
 import { Response, ServerRequest } from "./server.ts";
 import { deleteCookie, getCookies, setCookie } from "./cookie.ts";
-import { assert, assertEquals } from "../testing/asserts.ts";
+import { assert, assertEquals, assertThrows } from "../testing/asserts.ts";
 
 Deno.test({
   name: "Cookie parser",
@@ -32,6 +32,40 @@ Deno.test({
 });
 
 Deno.test({
+  name: "Cookie Name Validation",
+  fn(): void {
+    const res: Response = {};
+    const tokens = [
+      '"id"',
+      "id\t",
+      "i\td",
+      "i d",
+      "i;d",
+      "{id}",
+      "[id]",
+      '"',
+      "id\u0091",
+    ];
+    res.headers = new Headers();
+    tokens.forEach((name) => {
+      assertThrows(
+        (): void => {
+          setCookie(res, {
+            name,
+            value: "Cat",
+            httpOnly: true,
+            secure: true,
+            maxAge: 3,
+          });
+        },
+        Error,
+        'Invalid cookie name: "' + name + '".',
+      );
+    });
+  },
+});
+
+Deno.test({
   name: "Cookie Delete",
   fn(): void {
     const res: Response = {};