Implement cookie size checks from RFC - Pt. 3
Extends the cookie size length checks into ParsedCookie's SetName, SetValue, and Set<attribute> methods behind an enabled-by-default flag. Also, changes the character sets accepted by these methods so that they are in line with what the other ParsedCookie and CanonicalCookie methods accept and closer to what is specified in RFC6265bis (Draft 9). Specifically: - In ParsedCookie::SetName and ParsedCookie::SetValue, the restrictions on valid characters for both have been greatly relaxed to match the restrictions in place for names set via the other methods. Also, the name + value size limit is now enforced by these method. - In ParsedCookie::SetString (and as a result, SetPath, SetDomain, and the other methods for setting attribute values and accept a string type), the attribute value size limit is now enforced. - Updated an Extension API web request test that was inadvertently relying on ParsedCookie::SetValue behavior (failing to set values that contain whitespace characters) to satisfy unrelated test conditions. The test now passes whether ParsedCookie::SetValue allows whitespace characters in the value or not. Bug: 1225342 Change-Id: I424372b34a675f51a31db3a990b48c8e8af6681a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3111249 Commit-Queue: Andrew Williams <awillia@google.com> Reviewed-by:Steven Bingler <bingler@chromium.org> Reviewed-by:
Loading
Please register or sign in to comment