Skip to content

Commit

Permalink
Merge pull request #17298 from cakephp/issue-17296
Browse files Browse the repository at this point in the history 
Fix cookie parsing when value is undefined
  • Loading branch information
@othercorey
othercorey committed Sep 22, 2023
2 parents c92a3c0 + 197dd4b commit 34b4920
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
5 changes: 4 additions & 1 deletion src/Http/Cookie/Cookie.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,7 +284,10 @@ public static function createFromHeaderString(string $cookie, array $defaults =
$parts = preg_split('/\;[ \t]*/', $cookie);
}

[$name, $value] = explode('=', array_shift($parts), 2);
$nameValue = explode('=', array_shift($parts), 2);
$name = array_shift($nameValue);
$value = array_shift($nameValue) ?? '';

$data = [
'name' => urldecode($name),
'value' => urldecode($value),
Expand Down
13 changes: 11 additions & 2 deletions tests/TestCase/Http/Cookie/CookieTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,7 +465,7 @@ public function testGetId(): void
$this->assertSame('test;example.com;/path', $cookie->getId());
}

public function testCreateFromHeaderString(): void
public function testCreateFromHeaderStringInvalidSamesite(): void
{
$header = 'cakephp=cakephp-rocks; expires=Wed, 01-Dec-2027 12:00:00 GMT; path=/; domain=cakephp.org; samesite=invalid; secure; httponly';
$result = Cookie::createFromHeaderString($header);
Expand All @@ -475,6 +475,15 @@ public function testCreateFromHeaderString(): void
$this->assertNull($result->getSameSite());
}

public function testCreateFromHeaderStringEmptyValue(): void
{
// Invalid cookie with no = separator or value.
$header = 'cakephp; expires=Wed, 01-Dec-2027 12:00:00 GMT; path=/; domain=cakephp.org;';
$result = Cookie::createFromHeaderString($header);

$this->assertSame('', $result->getValue());
}

public function testDefaults(): void
{
Cookie::setDefaults(['path' => '/cakephp', 'expires' => time()]);
Expand All @@ -494,7 +503,7 @@ public function testInvalidExpiresForDefaults(): void
$this->expectExceptionMessage('Invalid type `array` for expire');

Cookie::setDefaults(['expires' => ['ompalompa']]);
$cookie = new Cookie('cakephp', 'cakephp-rocks');
new Cookie('cakephp', 'cakephp-rocks');
}

public function testInvalidSameSiteForDefaults(): void
Expand Down

0 comments on commit 34b4920

Please sign in to comment.