From 68946902e3fd84aa825ea93fb1a7ebbe795ceade Mon Sep 17 00:00:00 2001 From: Andrew Tarry Date: Tue, 8 Jul 2014 17:18:38 +0100 Subject: [PATCH 1/2] fix $browser: change to encodeURIComponent and decodeURIComponent for cookie reading MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit the self.cookies method in $browser was using escape and unescape to handle the cookie name and value. These methods are deprecated and cause problems with some special characters (€). The method has been changed to use the replacement encodeURIComponent and decodeURIComponent. --- src/ng/browser.js | 10 +++++----- test/ng/browserSpecs.js | 7 ++++++- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/ng/browser.js b/src/ng/browser.js index f9502cd4a09b..e43feed680f8 100644 --- a/src/ng/browser.js +++ b/src/ng/browser.js @@ -280,16 +280,16 @@ function Browser(window, document, $log, $sniffer) { * @returns {Object} Hash of all cookies (if called without any parameter) */ self.cookies = function(name, value) { - /* global escape: false, unescape: false */ + /* global encodeURIComponent: false, decodeURIComponent: false */ var cookieLength, cookieArray, cookie, i, index; if (name) { if (value === undefined) { - rawDocument.cookie = escape(name) + "=;path=" + cookiePath + + rawDocument.cookie = encodeURIComponent(name) + "=;path=" + cookiePath + ";expires=Thu, 01 Jan 1970 00:00:00 GMT"; } else { if (isString(value)) { - cookieLength = (rawDocument.cookie = escape(name) + '=' + escape(value) + + cookieLength = (rawDocument.cookie = encodeURIComponent(name) + '=' + encodeURIComponent(value) + ';path=' + cookiePath).length + 1; // per http://www.ietf.org/rfc/rfc2109.txt browser must allow at minimum: @@ -313,12 +313,12 @@ function Browser(window, document, $log, $sniffer) { cookie = cookieArray[i]; index = cookie.indexOf('='); if (index > 0) { //ignore nameless cookies - name = unescape(cookie.substring(0, index)); + name = decodeURIComponent(cookie.substring(0, index)); // the first value that is seen for a cookie is the most // specific one. values for the same cookie name that // follow are for less specific paths. if (lastCookies[name] === undefined) { - lastCookies[name] = unescape(cookie.substring(index + 1)); + lastCookies[name] = decodeURIComponent(cookie.substring(index + 1)); } } } diff --git a/test/ng/browserSpecs.js b/test/ng/browserSpecs.js index dae55594cda4..6b21fb59c02c 100755 --- a/test/ng/browserSpecs.js +++ b/test/ng/browserSpecs.js @@ -250,7 +250,7 @@ describe('browser', function() { var i, longVal = '', cookieStr; for(i=0; i<4083; i++) { - longVal += '+'; + longVal += 'x'; } cookieStr = document.cookie; @@ -323,6 +323,11 @@ describe('browser', function() { expect(browser.cookies()[' cookie name ']).toEqual(' cookie value '); expect(browser.cookies()['cookie name']).not.toBeDefined(); }); + + it('should unscape special characters in cookie values', function() { + document.cookie = 'cookie_name=cookie_value_%E2%82%AC'; + expect(browser.cookies()['cookie_name']).toEqual('cookie_value_€'); + }); }); From 725ee25833f290eeee981609ec839bed31158ee6 Mon Sep 17 00:00:00 2001 From: Andrew Tarry Date: Wed, 9 Jul 2014 17:27:12 +0100 Subject: [PATCH 2/2] Removed unneeded jshint global refactor $browser: Removed the jshint globals that are not needed --- src/ng/browser.js | 1 - 1 file changed, 1 deletion(-) diff --git a/src/ng/browser.js b/src/ng/browser.js index e43feed680f8..3ca4a7c0a86c 100644 --- a/src/ng/browser.js +++ b/src/ng/browser.js @@ -280,7 +280,6 @@ function Browser(window, document, $log, $sniffer) { * @returns {Object} Hash of all cookies (if called without any parameter) */ self.cookies = function(name, value) { - /* global encodeURIComponent: false, decodeURIComponent: false */ var cookieLength, cookieArray, cookie, i, index; if (name) {