net/http: clarify that AddCookie only sanitizes the Cookie being added - go - Fork of Go programming language with my patches.

diff options

author	Volker Dobler <dr.volker.dobler@gmail.com>	2020-05-26 16:55:28 +0200
committer	Emmanuel Odeke <emm.odeke@gmail.com>	2020-05-29 09:21:54 +0000
commit	1519bc4457af7179557a4f04bb35a4e07bedd118 (patch)
tree	e8d9aa3d63547ec795fcdf725ee7b3afce3df81e /src/database/sql
parent	8f4151ea67e1d498e0880f28d3fd803dc2c5448f (diff)
download	go-1519bc4457af7179557a4f04bb35a4e07bedd118.tar.xz

net/http: clarify that AddCookie only sanitizes the Cookie being added

AddCookie properly encodes a cookie and appends it to the Cookie header field but does not modify or sanitize what the Cookie header field contains already. If a user manualy sets the Cookie header field to something not conforming to RFC 6265 then a cookie added via AddCookie might not be retrievable. Fixes #38437 Change-Id: I232b64ac489b39bb962fe4f7dbdc2ae44fcc0514 Reviewed-on: https://go-review.googlesource.com/c/go/+/235141 Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>

Diffstat (limited to 'src/database/sql')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: