diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/net/http/cookie.go | 2 | ||||
| -rw-r--r-- | src/net/http/cookie_test.go | 9 |
2 files changed, 7 insertions, 4 deletions
diff --git a/src/net/http/cookie.go b/src/net/http/cookie.go index 5a67476cd4..cf522488c1 100644 --- a/src/net/http/cookie.go +++ b/src/net/http/cookie.go @@ -328,7 +328,7 @@ func sanitizeCookieValue(v string) string { if len(v) == 0 { return v } - if v[0] == ' ' || v[0] == ',' || v[len(v)-1] == ' ' || v[len(v)-1] == ',' { + if strings.IndexByte(v, ' ') >= 0 || strings.IndexByte(v, ',') >= 0 { return `"` + v + `"` } return v diff --git a/src/net/http/cookie_test.go b/src/net/http/cookie_test.go index b3e54f8db3..9d199a3752 100644 --- a/src/net/http/cookie_test.go +++ b/src/net/http/cookie_test.go @@ -69,7 +69,7 @@ var writeSetCookiesTests = []struct { // are disallowed by RFC 6265 but are common in the wild. { &Cookie{Name: "special-1", Value: "a z"}, - `special-1=a z`, + `special-1="a z"`, }, { &Cookie{Name: "special-2", Value: " z"}, @@ -85,7 +85,7 @@ var writeSetCookiesTests = []struct { }, { &Cookie{Name: "special-5", Value: "a,z"}, - `special-5=a,z`, + `special-5="a,z"`, }, { &Cookie{Name: "special-6", Value: ",z"}, @@ -398,9 +398,12 @@ func TestCookieSanitizeValue(t *testing.T) { {"foo\"bar", "foobar"}, {"\x00\x7e\x7f\x80", "\x7e"}, {`"withquotes"`, "withquotes"}, - {"a z", "a z"}, + {"a z", `"a z"`}, {" z", `" z"`}, {"a ", `"a "`}, + {"a,z", `"a,z"`}, + {",z", `",z"`}, + {"a,", `"a,"`}, } for _, tt := range tests { if got := sanitizeCookieValue(tt.in); got != tt.want { |