Improved cookie rewriting #91
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason is that we change the cookie value by putting it though all the parsers (encodeURIComponent/decodeURIComponent).
We should never parse the cookie values ever, only its parameters!
Owner
|
Oh, good catch. Maybe we should add a |
Contributor
Author
|
It's a good idea. Although the parser part of the name could be confusing if it returns a string. |
Forgot to remove the decodeURIComponent.
Contributor
Author
|
There, I forgot to remove decodeURIComponent. It's not needed. |
This way we are sure that we don't parse the cookie value. This commit includes a replacement for libCookie.serialize to use serializeCookie instead. It also removes libCookie completely.
Contributor
Author
|
Now libCookie is removed completely replaced by my new parseCookies function. |
We no longer need this since we parse cookies ourself! :D
Owner
|
Ok, let me look at this one a bit more. |
weibeu
added a commit
to surepassio/node-unblocker
that referenced
this pull request
Dec 2, 2020
Repository owner
deleted a comment from
MrMachi9
May 19, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Includes test!
We should look into all the places where the libCookie.parse and libCookie.serialize is used to ensure that the value isn't changed. Probably better not to use it at all!