From c0150759968e543930a6e0dd30b3419ee29da988 Mon Sep 17 00:00:00 2001
From: tanuck
Date: Tue, 19 Jul 2016 20:51:25 +0100
Subject: [PATCH] Validate cookie name (#278)
Validate cookie name passes go's isCookieNameValid check
---
 options.go | 10 ++++++++++
 options_test.go | 15 +++++++++++++++
 2 files changed, 25 insertions(+)
diff --git a/options.go b/options.go
index 3b1366f..4777d9d 100644
--- a/options.go
+++ b/options.go
@@ -4,6 +4,7 @@ import (
 "crypto"
 "encoding/base64"
 "fmt"
+ "net/http"
 "net/url"
 "os"
 "regexp"
@@ -200,6 +201,7 @@ func (o *Options) Validate() error {
 }
 msgs = parseSignatureKey(o, msgs)
+ msgs = validateCookieName(o, msgs)
 if len(msgs) != 0 {
 return fmt.Errorf("Invalid configuration:\n %s",
@@ -261,6 +263,14 @@ func parseSignatureKey(o *Options, msgs []string) []string {
 return msgs
 }
+func validateCookieName(o *Options, msgs []string) []string {
+ cookie := &http.Cookie{Name: o.CookieName}
+ if cookie.String() == "" {
+ return append(msgs, fmt.Sprintf("invalid cookie name: %q", o.CookieName))
+ }
+ return msgs
+}
+
 func addPadding(secret string) string {
 padding := len(secret) % 4
 switch padding {
diff --git a/options_test.go b/options_test.go
index 3b50ca7..27dd852 100644
--- a/options_test.go
+++ b/options_test.go
@@ -2,6 +2,7 @@ package main
 import (
 "crypto"
+ "fmt"
 "net/url"
 "strings"
 "testing"
@@ -216,3 +217,17 @@ func TestValidateSignatureKeyUnsupportedAlgorithm(t *testing.T) {
 assert.Equal(t, err.Error(), "Invalid configuration:\n"+
 " unsupported signature hash algorithm: "+o.SignatureKey)
 }
+
+func TestValidateCookie(t *testing.T) {
+ o := testOptions()
+ o.CookieName = "_valid_cookie_name"
+ assert.Equal(t, nil, o.Validate())
+}
+
+func TestValidateCookieBadName(t *testing.T) {
+ o := testOptions()
+ o.CookieName = "_bad_cookie_name{}"
+ err := o.Validate()
+ assert.Equal(t, err.Error(), "Invalid configuration:\n"+
+ fmt.Sprintf(" invalid cookie name: %q", o.CookieName))
+}
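Review bot: The `cookie.String() == ""` test in validateCookieName (options.go) is an indirect check, and nothing in the function says why an empty serialization means a bad name. net/http documents that String returns the empty string when the cookie name is invalid and that http.SetCookie may silently drop such a cookie, so without this startup check a misconfigured name would presumably surface only at runtime as a session cookie that is never set. I would put that reasoning above the check, e.g. `// http.Cookie.String returns "" for a name net/http rejects; http.SetCookie would silently drop such a cookie.` A doc comment on the function, such as `// validateCookieName appends an error to msgs when o.CookieName is not a valid cookie name.`, would match what the body does. The function is fully contained in the hunk.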
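Review bot: TestValidateCookieBadName in options_test.go calls `err.Error()` without first checking that `err` is non-nil, so if the validation ever regresses and Validate returns nil the test panics on a nil dereference instead of failing with a readable message. A guard before the comparison, `if err == nil { t.Fatal("expected an invalid cookie name error") }`, makes that failure explicit. The only rejected name covered is `"_bad_cookie_name{}"`; cases for an empty name and for a name containing a space or `;` would pin the other inputs the check is meant to reject, assuming testOptions() trips no other validation. The context lines at the top of the hunk belong to TestValidateSignatureKeyUnsupportedAlgorithm, which starts outside it.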