Revision: 7354 Author: [email protected] Date: Mon Jan 4 20:00:50 2010 Log: URI-escape cookies (addresses external issue 4365).
Review by: rice http://code.google.com/p/google-web-toolkit/source/detail?r=7354 Modified: /trunk/user/src/com/google/gwt/user/client/Cookies.java /trunk/user/test/com/google/gwt/user/client/CookieTest.java ======================================= --- /trunk/user/src/com/google/gwt/user/client/Cookies.java Fri Nov 20 06:32:19 2009 +++ /trunk/user/src/com/google/gwt/user/client/Cookies.java Mon Jan 4 20:00:50 2010 @@ -110,7 +110,7 @@ */ public static void removeCookie(String name) { if (uriEncoding) { - uriEncode(name); + name = uriEncode(name); } removeCookieNative(name); } @@ -124,7 +124,7 @@ */ public static void removeCookie(String name, String path) { if (uriEncoding) { - uriEncode(name); + name = uriEncode(name); } removeCookieNative(name, path); } @@ -174,10 +174,12 @@ public static void setCookie(String name, String value, Date expires, String domain, String path, boolean secure) { if (uriEncoding) { - uriEncode(name); - uriEncode(value); - } else if (!isValidCookieName(name) || !isValidCookieValue(value)) { - throw new IllegalArgumentException("Illegal cookie format."); + name = uriEncode(name); + value = uriEncode(value); + } else if (!isValidCookieName(name)) { + throw new IllegalArgumentException("Illegal cookie format: " + name + " is not a valid cookie name."); + } else if (!isValidCookieValue(value)) { + throw new IllegalArgumentException("Illegal cookie format: " + value + " is not a valid cookie value."); } setCookieImpl(name, value, (expires == null) ? 0 : expires.getTime(), domain, path, secure); ======================================= --- /trunk/user/test/com/google/gwt/user/client/CookieTest.java Fri Nov 20 06:32:19 2009 +++ /trunk/user/test/com/google/gwt/user/client/CookieTest.java Mon Jan 4 20:00:50 2010 @@ -151,7 +151,25 @@ Cookies.removeCookie("test1+test1"); cookies = Cookies.getCookieNames(); assertEquals(curCount, cookies.size()); - + + // Make sure cookie names are URI encoded + Cookies.setUriEncode(true); + Cookies.setCookie("test1.,/?:@&=+$#", "value1"); + assertEquals(curCount + 1, Cookies.getCookieNames().size()); + Cookies.setUriEncode(false); + Cookies.removeCookie("test1.,/?:@&=+$#"); + assertEquals(curCount + 1, Cookies.getCookieNames().size()); + Cookies.setUriEncode(true); + Cookies.removeCookie("test1.,/?:@&=+$#"); + assertEquals(curCount, Cookies.getCookieNames().size()); + + // Make sure cookie values are URI encoded + Cookies.setUriEncode(true); + Cookies.setCookie("testencodedvalue", "value1,/?:@&=+$#"); + Cookies.setUriEncode(false); + String encodedValue = Cookies.getCookie("testencodedvalue"); + assertTrue(encodedValue.compareTo("value1%2C%2F%3F%3A%40%26%3D%2B%24%23") == 0); + // Make sure unencoded cookies with bogus format are not added try { Cookies.setCookie("test1=test1", "value1"); -- http://groups.google.com/group/Google-Web-Toolkit-Contributors
