Validate cookie name (#278)
Validate cookie name passes go's isCookieNameValid check
This commit is contained in:
parent
17f412e407
commit
c015075996
10
options.go
10
options.go
@ -4,6 +4,7 @@ import (
|
||||
"crypto"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
@ -200,6 +201,7 @@ func (o *Options) Validate() error {
|
||||
}
|
||||
|
||||
msgs = parseSignatureKey(o, msgs)
|
||||
msgs = validateCookieName(o, msgs)
|
||||
|
||||
if len(msgs) != 0 {
|
||||
return fmt.Errorf("Invalid configuration:\n %s",
|
||||
@ -261,6 +263,14 @@ func parseSignatureKey(o *Options, msgs []string) []string {
|
||||
return msgs
|
||||
}
|
||||
|
||||
func validateCookieName(o *Options, msgs []string) []string {
|
||||
cookie := &http.Cookie{Name: o.CookieName}
|
||||
if cookie.String() == "" {
|
||||
return append(msgs, fmt.Sprintf("invalid cookie name: %q", o.CookieName))
|
||||
}
|
||||
return msgs
|
||||
}
|
||||
|
||||
func addPadding(secret string) string {
|
||||
padding := len(secret) % 4
|
||||
switch padding {
|
||||
|
@ -2,6 +2,7 @@ package main
|
||||
|
||||
import (
|
||||
"crypto"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"strings"
|
||||
"testing"
|
||||
@ -216,3 +217,17 @@ func TestValidateSignatureKeyUnsupportedAlgorithm(t *testing.T) {
|
||||
assert.Equal(t, err.Error(), "Invalid configuration:\n"+
|
||||
" unsupported signature hash algorithm: "+o.SignatureKey)
|
||||
}
|
||||
|
||||
func TestValidateCookie(t *testing.T) {
|
||||
o := testOptions()
|
||||
o.CookieName = "_valid_cookie_name"
|
||||
assert.Equal(t, nil, o.Validate())
|
||||
}
|
||||
|
||||
func TestValidateCookieBadName(t *testing.T) {
|
||||
o := testOptions()
|
||||
o.CookieName = "_bad_cookie_name{}"
|
||||
err := o.Validate()
|
||||
assert.Equal(t, err.Error(), "Invalid configuration:\n"+
|
||||
fmt.Sprintf(" invalid cookie name: %q", o.CookieName))
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user