Skip to content

Commit

Permalink
#547 Remove '+' replacement from request cookies.
Browse files Browse the repository at this point in the history
  • Loading branch information
Tratcher committed May 2, 2016
1 parent 7ebd87a commit 5767306
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,8 @@ public static RequestCookieCollection Parse(IList<string> values)
for (var i = 0; i < cookies.Count; i++)
{
var cookie = cookies[i];
var name = Uri.UnescapeDataString(cookie.Name.Replace('+', ' '));
var value = Uri.UnescapeDataString(cookie.Value.Replace('+', ' '));
var name = Uri.UnescapeDataString(cookie.Name);
var value = Uri.UnescapeDataString(cookie.Value);
store[name] = value;
}

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System.Linq;
using Microsoft.AspNetCore.Http.Internal;
using Microsoft.Extensions.Primitives;
using Xunit;

namespace Microsoft.AspNetCore.Http.Tests
{
public class RequestCookiesCollectionTests
{
public static TheoryData UnEscapesKeyValues_Data
{
get
{
// key, value, expected
return new TheoryData<string, string, string>
{
{ "key=value", "key", "value" },
{ "key%2C=%21value", "key,", "!value" },
{ "ke%23y%2C=val%5Eue", "ke#y,", "val^ue" },
{ "key=value", "key", "value" },
{ "key%2C=%21value", "key,", "!value" },
{ "ke%23y%2C=val%5Eue", "ke#y,", "val^ue" },
{ "base64=QUI%2BREU%2FRw%3D%3D", "base64", "QUI+REU/Rw==" },
{ "base64=QUI+REU/Rw==", "base64", "QUI+REU/Rw==" },
};
}
}

[Theory]
[MemberData(nameof(UnEscapesKeyValues_Data))]
public void UnEscapesKeyValues(
string input,
string expectedKey,
string expectedValue)
{
var cookies = RequestCookieCollection.Parse(new StringValues(input));

Assert.Equal(1, cookies.Count);
Assert.Equal(expectedKey, cookies.Keys.Single());
Assert.Equal(expectedValue, cookies[expectedKey]);
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ public static TheoryData EscapesKeyValuesBeforeSettingCookieData
{ "key", "value", _builderPool, "key=value" },
{ "key,", "!value", _builderPool, "key%2C=%21value" },
{ "ke#y,", "val^ue", _builderPool, "ke%23y%2C=val%5Eue" },
{ "base64", "QUI+REU/Rw==", _builderPool, "base64=QUI%2BREU%2FRw%3D%3D" },
};
}
}
Expand Down

0 comments on commit 5767306

Please sign in to comment.