Request cookies named valueOf, constructor, or toString cannot be retrieved by Oak
denizdogan opened this issue
Deniz commented
Using the cookie name "foobar":
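```ts
import { Application } from "https://deno.land/x/oak/mod.ts";
new Application()
  // Echo the value of the "foobar" request cookie in the response body.
  .use(async (context) => { context.response.body = await context.cookies.get("foobar") })
  .listen({ port: 8000 })
```
```
$ curl --cookie "foobar=123" "http://localhost:8000"
123
```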
Using the cookie name "valueOf":
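```ts
import { Application } from "https://deno.land/x/oak/mod.ts";
new Application()
  // Same handler, but reading the request cookie named "valueOf".
  .use(async (context) => { context.response.body = await context.cookies.get("valueOf") })
  .listen({ port: 8000 })
```
```
$ curl --cookie "valueOf=123" "http://localhost:8000"
(empty)
```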
I can reproduce this with cookies named "constructor", "toString", maybe more than that too. This seems a bit scary to me.
Kitson Kelly commented
Cookies cached regular expressions based off of key, but stored it in a standard empty object ({}), which causes problems with reserved word keys; instead it now uses a null prototype Object.
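
The failure mode discussed in this issue, as an added example that is not taken from the issue or from Oak's source: a per-name regular-expression cache backed first by a plain `{}` and then by a null-prototype object. `makeCookieReader`, `escapeName`, `readAll` and the sample `Cookie` header are constructed for illustration.

```javascript
// Added illustration. makeCookieReader and escapeName are hypothetical names,
// not Oak's API; the Cookie header below is constructed sample input.

// Escape regex metacharacters so a cookie name can be embedded in a pattern.
function escapeName(name) {
  return name.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, "\\$&");
}

// Build a cookie getter whose per-name RegExp cache is the object passed in.
function makeCookieReader(cache) {
  function getPattern(name) {
    // `in` consults the prototype chain. On a plain {} it is already true for
    // "valueOf", "constructor" and "toString", so the lookup returns an
    // inherited function instead of compiling a pattern for that name.
    if (name in cache) return cache[name];
    return (cache[name] = new RegExp(`(?:^|;) *${escapeName(name)}=([^;]*)`));
  }
  return function get(header, name) {
    // String.prototype.match coerces a non-RegExp argument into a new RegExp
    // built from its string form, which does not match the cookie here.
    const match = header.match(getPattern(name));
    return match ? match[1] : undefined;
  };
}

const HEADER = "foobar=123; valueOf=456; constructor=789; toString=abc";
const NAMES = ["foobar", "valueOf", "constructor", "toString"];

// Read every sample cookie through a reader backed by the given cache object.
function readAll(cache) {
  const get = makeCookieReader(cache);
  return NAMES.map((name) => [name, get(HEADER, name)]);
}

// Plain object: names that collide with Object.prototype come back undefined.
const withPlainObject = readAll({});
// Null-prototype object: no inherited keys, every name resolves.
const withNullPrototype = readAll(Object.create(null));

console.log("plain {}:", withPlainObject);
console.log("Object.create(null):", withNullPrototype);
```

A `Map` keyed by cookie name avoids the same collision, since its lookups never touch `Object.prototype`.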