This is an automated email from the ASF dual-hosted git repository. willholley pushed a commit to branch upstream-2.20.0 in repository https://gitbox.apache.org/repos/asf/couchdb-mochiweb.git
commit 9a1b10967f65b051430d72f135e52952b503fff8
Author: Bob Ippolito <[email protected]>
AuthorDate: Mon Mar 4 16:45:59 2019 +0000
Use more direct translation of RFC 6265 grammar
---
 CHANGES.md | 5 +++++
 src/mochiweb.app.src | 2 +-
 src/mochiweb_cookies.erl | 19 ++++++++++++-------
 3 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index 45464d0..e4f10d7 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,8 @@
+Version 2.20.0 released 2019-XX-XX
+
+* Fix parsing of certain unquoted cookie values
+ https://github.com/mochi/mochiweb/pull/212
+
 Version 2.19.0 released 2019-01-17
 * Fix warning in 21.2.3 and crash on incompatible releases
diff --git a/src/mochiweb.app.src b/src/mochiweb.app.src
index 70c7165..6486fcb 100644
--- a/src/mochiweb.app.src
+++ b/src/mochiweb.app.src
@@ -1,7 +1,7 @@
 %% This is generated from src/mochiweb.app.src
 {application, mochiweb,
 [{description, "MochiMedia Web Server"},
- {vsn, "2.19.0"},
+ {vsn, "2.20.0"},
 {modules, []},
 {registered, []},
 {env, []},
diff --git a/src/mochiweb_cookies.erl b/src/mochiweb_cookies.erl
index b6afb65..c7b0fcf 100644
--- a/src/mochiweb_cookies.erl
+++ b/src/mochiweb_cookies.erl
@@ -40,12 +40,17 @@
 C =:= ${ orelse C =:= $})).
 %% RFC 6265 cookie value allowed characters
--define(IS_COOKIE_VAL_ALLOWED(C),
- (C =:= 33
- orelse (C >= 35 andalso C =< 43)
- orelse (C >= 45 andalso C =< 58)
- orelse (C >= 60 andalso C =< 91)
- orelse (C >= 93 andalso C =< 126))).
+%% cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
+%% ; US-ASCII characters excluding CTLs,
+%% ; whitespace DQUOTE, comma, semicolon,
+%% ; and backslash
+-define(IS_COOKIE_OCTET(C),
+ (C =:= 16#21
+ orelse (C >= 16#23 andalso C =< 16#2B)
+ orelse (C >= 16#2D andalso C =< 16#3A)
+ orelse (C >= 16#3C andalso C =< 16#5B)
+ orelse (C >= 16#5D andalso C =< 16#7E)
+ )).
 %% @type proplist() = [{Key::string(), Value::string()}].
 %% @type header() = {Name::string(), Value::string()}.
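Review bot: No test accompanies the rewritten `IS_COOKIE_OCTET` macro in src/mochiweb_cookies.erl; the diffstat shows this commit touching only the macro, its one call site, the changelog and the version, and any existing tests in the module are outside the hunks. The hexadecimal ranges are numerically the same as the decimal ones they replace (33, 35-43, 45-58, 60-91, 93-126), so parsing should behave as before, but this predicate decides where `read_value_` cuts an unquoted cookie value, so the excluded octets at each boundary (16#20, 16#22, 16#2C, 16#3B, 16#5C, 16#7F) deserve explicit assertions such as `?assertEqual({"a", ";b"}, read_value_("a;b"))`. The macro also expands `C` once per comparison, so I would add `%% C is expanded several times; pass a bound variable, not an expression.` above the `-define`.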
@@ -222,7 +227,7 @@ read_value(String) ->
 {"", String}.
 read_value_(String) ->
- F = fun (C) -> ?IS_COOKIE_VAL_ALLOWED(C) end,
+ F = fun (C) -> ?IS_COOKIE_OCTET(C) end,
 lists:splitwith(F, String).
 read_quoted([?QUOTE | String]) ->
