Description
In net/http, before cookies are read, they are checked to ensure they have a valid name. However, when setting a cookie, an invalid name may be used; rather than being permitted, this should trigger an error.
There is further discussion on the gorilla sessions topic in which it was suggested that I raise this possibility here.
To answer the questions in the guidelines:
What version of Go are you using (go version)? 1.4
What operating system and processor architecture are you using? OS X 64-bit
What did you do? Created a cookie with an empty name (or spaces, or other invalid characters) and set it in a way that was seemingly successful.
What did you expect to see? I expected to see an error.
What did you see instead? I saw my cookie get set, but I could not read it (as its name is invalid, and correctly filtered out on the reading end of things).