Skip to content

Commit 160959d

Browse files
timhalltimhall
committed
Adjust cookie encoding to better match spec
1 parent d356e07 commit 160959d

File tree

3 files changed

+41
-26
lines changed

3 files changed

+41
-26
lines changed

specs/Specs_WebHelpers.bas

Lines changed: 17 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -311,30 +311,37 @@ Public Function Specs() As SpecSuite
311311
.Expect(WebHelpers.UrlEncode("_", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "_"
312312
.Expect(WebHelpers.UrlEncode("~", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "~"
313313

314+
' Note: "%" is allowed in spec, but is currently excluded due to parsing issues
314315
.Expect(WebHelpers.UrlEncode("%", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%25"
316+
317+
.Expect(WebHelpers.UrlEncode("""", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%22"
315318
.Expect(WebHelpers.UrlEncode(" ", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%20"
316-
319+
317320
.Expect(WebHelpers.UrlEncode("!", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "!"
318321
.Expect(WebHelpers.UrlEncode("#", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "#"
319322
.Expect(WebHelpers.UrlEncode("$", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "$"
320323
.Expect(WebHelpers.UrlEncode("&", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "&"
321324
.Expect(WebHelpers.UrlEncode("'", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "'"
322-
.Expect(WebHelpers.UrlEncode("(", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%28"
323-
.Expect(WebHelpers.UrlEncode(")", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%29"
325+
.Expect(WebHelpers.UrlEncode("(", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "("
326+
.Expect(WebHelpers.UrlEncode(")", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual ")"
324327
.Expect(WebHelpers.UrlEncode("*", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "*"
325328
.Expect(WebHelpers.UrlEncode("+", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "+"
326329
.Expect(WebHelpers.UrlEncode(",", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%2C"
327-
.Expect(WebHelpers.UrlEncode("/", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%2F"
328-
.Expect(WebHelpers.UrlEncode(":", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%3A"
330+
.Expect(WebHelpers.UrlEncode("/", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "/"
331+
.Expect(WebHelpers.UrlEncode(":", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual ":"
329332
.Expect(WebHelpers.UrlEncode(";", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%3B"
330-
.Expect(WebHelpers.UrlEncode("=", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%3D"
331-
.Expect(WebHelpers.UrlEncode("?", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%3F"
332-
.Expect(WebHelpers.UrlEncode("@", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%40"
333-
.Expect(WebHelpers.UrlEncode("[", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%5B"
334-
.Expect(WebHelpers.UrlEncode("]", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "%5D"
333+
.Expect(WebHelpers.UrlEncode("<", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "<"
334+
.Expect(WebHelpers.UrlEncode("=", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "="
335+
.Expect(WebHelpers.UrlEncode(">", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual ">"
336+
.Expect(WebHelpers.UrlEncode("?", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "?"
337+
.Expect(WebHelpers.UrlEncode("@", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "@"
338+
.Expect(WebHelpers.UrlEncode("[", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "["
339+
.Expect(WebHelpers.UrlEncode("]", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "]"
335340
.Expect(WebHelpers.UrlEncode("^", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "^"
336341
.Expect(WebHelpers.UrlEncode("`", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "`"
342+
.Expect(WebHelpers.UrlEncode("{", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "{"
337343
.Expect(WebHelpers.UrlEncode("|", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "|"
344+
.Expect(WebHelpers.UrlEncode("}", EncodingMode:=UrlEncodingMode.CookieUrlEncoding)).ToEqual "}"
338345
End With
339346

340347
With Specs.It("should url-encode (PathUrlEncoding)")

src/WebHelpers.bas

Lines changed: 23 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -347,7 +347,8 @@ End Enum
347347
' @param FormUrlEncoding ALPHA / DIGIT / "-" / "." / "_" / "*", (space) -> "+", &...; UTF-8 encoding
348348
' @param QueryUrlEncoding Subset of strict and form that should be suitable for non-form-urlencoded query strings
349349
' ALPHA / DIGIT / "-" / "." / "_"
350-
' @param CookieUrlEncoding strict / "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "^" / "`" / "|"
350+
' @param CookieUrlEncoding strict / "!" / "#" / "$" / "&" / "'" / "(" / ")" / "*" / "+" /
351+
' "/" / ":" / "<" / "=" / ">" / "?" / "@" / "[" / "]" / "^" / "`" / "{" / "|" / "}"
351352
' @param PathUrlEncoding strict / "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "=" / ":" / "@"
352353
''
353354
Public Enum UrlEncodingMode
@@ -833,6 +834,7 @@ End Function
833834
' - form-urlencoded encoding algorithm,
834835
' https://www.w3.org/TR/html5/forms.html#application/x-www-form-urlencoded-encoding-algorithm
835836
' - RFC 6265 (Cookies), https://tools.ietf.org/html/rfc6265
837+
' Note: "%" is allowed in spec, but is currently excluded due to parsing issues
836838
'
837839
' @method UrlEncode
838840
' @param {Variant} Text Text to encode
@@ -875,7 +877,8 @@ Public Function UrlEncode(Text As Variant, _
875877
' StrictUrlEncoding - ALPHA / DIGIT / "-" / "." / "_" / "~"
876878
' FormUrlEncoding - ALPHA / DIGIT / "-" / "." / "_" / "*" / (space) -> "+"
877879
' QueryUrlEncoding - ALPHA / DIGIT / "-" / "." / "_"
878-
' CookieUrlEncoding - strict / "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "^" / "`" / "|"
880+
' CookieUrlEncoding - strict / "!" / "#" / "$" / "&" / "'" / "(" / ")" / "*" / "+" /
881+
' "/" / ":" / "<" / "=" / ">" / "?" / "@" / "[" / "]" / "^" / "`" / "{" / "|" / "}"
879882
' PathUrlEncoding - strict / "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "=" / ":" / "@"
880883

881884
' Set space value
@@ -908,33 +911,26 @@ Public Function UrlEncode(Text As Variant, _
908911
' Else -> "%20"
909912
web_Result(web_i) = web_Space
910913

911-
Case 33, 36, 38, 39, 43
912-
' "!" / "$" / "&" / "'" / "+"
914+
Case 33, 36, 38, 39, 40, 41, 43, 58, 61, 64
915+
' "!" / "$" / "&" / "'" / "(" / ")" / "+" / ":" / "=" / "@"
913916
' PathUrlEncoding, CookieUrlEncoding -> Unencoded
914917
' Else -> Percent-encoded
915918
If EncodingMode = UrlEncodingMode.PathUrlEncoding Or EncodingMode = UrlEncodingMode.CookieUrlEncoding Then
916919
web_Result(web_i) = web_Char
917920
Else
918921
web_Result(web_i) = "%" & VBA.Hex(web_CharCode)
919922
End If
920-
Case 35, 94, 96, 124
921-
' "#" / "^" / "`" / "|"
923+
924+
Case 35, 45, 46, 47, 60, 62, 63, 91, 93, 94, 95, 96, 123, 124, 125
925+
' "#" / "-" / "." / "/" / "<" / ">" / "?" / "[" / "]" / "^" / "_" / "`" / "{" / "|" / "}"
922926
' CookieUrlEncoding -> Unencoded
923927
' Else -> Percent-encoded
924928
If EncodingMode = UrlEncodingMode.CookieUrlEncoding Then
925929
web_Result(web_i) = web_Char
926930
Else
927931
web_Result(web_i) = "%" & VBA.Hex(web_CharCode)
928932
End If
929-
Case 40, 41, 44, 58, 59, 61, 64
930-
' "(" / ")" / "," / ":" / ";" / "=" / "@"
931-
' PathUrlEncoding -> Unencoded
932-
' Else -> Percent-encoded
933-
If EncodingMode = UrlEncodingMode.PathUrlEncoding Then
934-
web_Result(web_i) = web_Char
935-
Else
936-
web_Result(web_i) = "%" & VBA.Hex(web_CharCode)
937-
End If
933+
938934
Case 42
939935
' "*"
940936
' FormUrlEncoding, PathUrlEncoding, CookieUrlEncoding -> "*"
@@ -947,6 +943,17 @@ Public Function UrlEncode(Text As Variant, _
947943
Else
948944
web_Result(web_i) = "%" & VBA.Hex(web_CharCode)
949945
End If
946+
947+
Case 44, 59
948+
' "," / ";"
949+
' PathUrlEncoding -> Unencoded
950+
' Else -> Percent-encoded
951+
If EncodingMode = UrlEncodingMode.PathUrlEncoding Then
952+
web_Result(web_i) = web_Char
953+
Else
954+
web_Result(web_i) = "%" & VBA.Hex(web_CharCode)
955+
End If
956+
950957
Case 126
951958
' "~"
952959
' FormUrlEncoding, QueryUrlEncoding -> "%7E"
@@ -956,6 +963,7 @@ Public Function UrlEncode(Text As Variant, _
956963
Else
957964
web_Result(web_i) = web_Char
958965
End If
966+
959967
Case 0 To 15
960968
web_Result(web_i) = "%0" & VBA.Hex(web_CharCode)
961969
Case Else

src/WebRequest.cls

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -678,7 +678,7 @@ End Sub
678678
''
679679
Public Sub AddCookie(Key As String, Value As Variant)
680680
Me.Cookies.Add WebHelpers.CreateKeyValue( _
681-
WebHelpers.UrlEncode(Key, EncodingMode:=UrlEncodingMode.CookieUrlEncoding), _
681+
Key, _
682682
WebHelpers.UrlEncode(Value, EncodingMode:=UrlEncodingMode.CookieUrlEncoding) _
683683
)
684684
End Sub

0 commit comments

Comments
 (0)