From 07ccdeb1927c77ede1d56ac6f1c1871183761ea4 Mon Sep 17 00:00:00 2001 From: Brave Cow Date: Tue, 22 Oct 2019 15:00:07 +0000 Subject: [PATCH] net/http: update sanitizeCookieValue description Commit 8f6d68eb (CL 37328) changed the code of sanitizeCookieValue without updating its description. Change-Id: Ib4a1a1f316548258b828458a31b09706bbd59b53 GitHub-Last-Rev: 9731494e177d909f33dd7d5ecfe1fd1a1c88a3e1 GitHub-Pull-Request: golang/go#34790 Reviewed-on: https://go-review.googlesource.com/c/go/+/200041 Reviewed-by: Brad Fitzpatrick --- src/net/http/cookie.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/net/http/cookie.go b/src/net/http/cookie.go index 91ff544e79..5c572d6dc5 100644 --- a/src/net/http/cookie.go +++ b/src/net/http/cookie.go @@ -353,6 +353,7 @@ func sanitizeCookieName(n string) string { return cookieNameSanitizer.Replace(n) } +// sanitizeCookieValue produces a suitable cookie-value from v. // https://tools.ietf.org/html/rfc6265#section-4.1.1 // cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE ) // cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E @@ -360,8 +361,8 @@ func sanitizeCookieName(n string) string { // ; whitespace DQUOTE, comma, semicolon, // ; and backslash // We loosen this as spaces and commas are common in cookie values -// but we produce a quoted cookie-value in when value starts or ends -// with a comma or space. +// but we produce a quoted cookie-value if and only if v contains +// commas or spaces. // See https://golang.org/issue/7243 for the discussion. func sanitizeCookieValue(v string) string { v = sanitizeOrWarn("Cookie.Value", validCookieValueByte, v) -- 2.50.0