| <!doctype html> |
| <html> |
| <head> |
| <meta charset=utf-8> |
| <title>Test cookie name parsing with control characters</title> |
| <meta name=help href="https://tools.ietf.org/html/rfc6265#section-5.2"> |
| <meta name="timeout" content="long"> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/cookies/resources/cookie-test.js"></script> |
| </head> |
| <body> |
| <div id=log></div> |
| <script> |
| // Tests for control characters (CTLs) in a cookie's name. |
| // CTLs are defined by RFC 5234 to be %x00-1F / %x7F. |
| const {TERMINATING_CTLS, CTLS} = getCtlCharacters(); |
| |
| // Start with a clean slate. |
| dropAllDomCookies(); |
| |
| // Test that terminating CTLs truncate the cookie string. |
| for (const ctl of TERMINATING_CTLS) { |
| domCookieTest( |
| `test${ctl.code}${ctl.chr}name=${ctl.code}`, |
| `test${ctl.code}`, |
| `Cookie with %x${ctl.code.toString(16)} in name is truncated.`); |
| } |
| |
| // Test that other CTLs result in cookie rejection. |
| for (const ctl of CTLS) { |
| domCookieTest( |
| `test${ctl.code}${ctl.chr}name=${ctl.code}`, |
| '', |
| `Cookie with %x${ctl.code.toString(16)} in name is rejected.`); |
| } |
| |
| // Test that truncation due to terminating CTLs occurs first. |
| for (const termCtl of TERMINATING_CTLS) { |
| for (const ctl of CTLS) { |
| domCookieTest( |
| `test${ctl.code}term${termCtl.chr}na${ctl.chr}me=${ctl.code}`, |
| `test${ctl.code}term`, |
| `Cookie with %x${ctl.code.toString(16)} after ` + |
| `%x${termCtl.code.toString(16)} in name is truncated.`); |
| } |
| } |
| </script> |
| </body> |
| </html> |
