Google Git
Sign in
gwt/gwt/ee93bc2fa1d5b50bd267bfa3dcd55d1dceaf473c^!/.
commit
ee93bc2fa1d5b50bd267bfa3dcd55d1dceaf473c
[log]
author
kprobst@google.com <kprobst@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>
Tue Jan 05 04:00:50 2010 +0000
committer
kprobst@google.com <kprobst@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>
Tue Jan 05 04:00:50 2010 +0000
tree
46f7812274e7789c395fafb82543b959d6b235ec
parent
e98bf7a7b76b621ca15b34a651170fb89e770bbf [diff]
URI-escape cookies (addresses external issue 4365).

Review by: rice



git-svn-id: https://google-web-toolkit.googlecode.com/svn/trunk@7354 8db76d5a-ed1c-0410-87a9-c151d255dfc7

diff --git a/user/src/com/google/gwt/user/client/Cookies.java b/user/src/com/google/gwt/user/client/Cookies.java
index fd114c9..f564b26 100644
--- a/user/src/com/google/gwt/user/client/Cookies.java
+++ b/user/src/com/google/gwt/user/client/Cookies.java

@@ -110,7 +110,7 @@
    */
   public static void removeCookie(String name) {
     if (uriEncoding) {
-      uriEncode(name);
+      name = uriEncode(name);
     }
     removeCookieNative(name);
   }
@@ -124,7 +124,7 @@
    */
   public static void removeCookie(String name, String path) {
     if (uriEncoding) {
-      uriEncode(name);
+      name = uriEncode(name);
     }
     removeCookieNative(name, path);
   }
@@ -174,10 +174,12 @@
   public static void setCookie(String name, String value, Date expires,
       String domain, String path, boolean secure) {
     if (uriEncoding) {
-      uriEncode(name);
-      uriEncode(value);
-    } else if (!isValidCookieName(name) || !isValidCookieValue(value)) {
-      throw new IllegalArgumentException("Illegal cookie format.");
+      name = uriEncode(name);
+      value = uriEncode(value);
+    } else if (!isValidCookieName(name)) {
+      throw new IllegalArgumentException("Illegal cookie format: " + name + " is not a valid cookie name.");
+    } else if (!isValidCookieValue(value)) {
+      throw new IllegalArgumentException("Illegal cookie format: " + value + " is not a valid cookie value.");
     }
     setCookieImpl(name, value, (expires == null) ? 0 : expires.getTime(),
         domain, path, secure);

diff --git a/user/test/com/google/gwt/user/client/CookieTest.java b/user/test/com/google/gwt/user/client/CookieTest.java
index 5e36c3b..3724808 100644
--- a/user/test/com/google/gwt/user/client/CookieTest.java
+++ b/user/test/com/google/gwt/user/client/CookieTest.java

@@ -151,7 +151,25 @@
     Cookies.removeCookie("test1+test1");
     cookies = Cookies.getCookieNames();
     assertEquals(curCount, cookies.size());
+    
+    // Make sure cookie names are URI encoded
+    Cookies.setUriEncode(true);
+    Cookies.setCookie("test1.,/?:@&=+$#", "value1");
+    assertEquals(curCount + 1, Cookies.getCookieNames().size());
+    Cookies.setUriEncode(false);
+    Cookies.removeCookie("test1.,/?:@&=+$#");
+    assertEquals(curCount + 1, Cookies.getCookieNames().size());
+    Cookies.setUriEncode(true);
+    Cookies.removeCookie("test1.,/?:@&=+$#");
+    assertEquals(curCount, Cookies.getCookieNames().size());
 
+    // Make sure cookie values are URI encoded
+    Cookies.setUriEncode(true);
+    Cookies.setCookie("testencodedvalue", "value1,/?:@&=+$#");
+    Cookies.setUriEncode(false);
+    String encodedValue = Cookies.getCookie("testencodedvalue");
+    assertTrue(encodedValue.compareTo("value1%2C%2F%3F%3A%40%26%3D%2B%24%23") == 0);
+    
     // Make sure unencoded cookies with bogus format are not added
     try {
       Cookies.setCookie("test1=test1", "value1");