use encode/decodeURIComponent for cookie encoding/decoding

Some server stacks touch cookies in inappropriate ways. Instead of reading the RFC and escaping only what should be escaped many things just escape everything. So under the guise of "interoperability", we will use URI encoding and decoding of the cookie strings. This will also support cookies that are properly escaped and then some. See: senchalabs/connect#604
jshttp · Jun 21, 2012 · 68669c8 · 68669c8
1 parent e0bc6d2
commit 68669c8
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 27 deletions.
diff --git a/index.js b/index.js
@@ -50,32 +50,8 @@ var parse = function(str) {
     return obj;
 };
 
-var encode = function(str) {
-    return str.replace(/[ ",;/]/g, function(val) {
-        switch(val) {
-        case ' ': return '%20';
-        case '"': return '%22';
-        case ',': return '%2c';
-        case '/': return '%2f';
-        case ';': return '%3b';
-        }
-    });
-};
-
-var decode = function(str) {
-    return str.replace(/(%2[02cfCF])|(%3[bB])/g, function(val) {
-        switch(val) {
-        case '%20': return ' ';
-        case '%22': return '"';
-        case '%2C':
-        case '%2c': return ',';
-        case '%2F':
-        case '%2f': return '/';
-        case '%3B':
-        case '%3b': return ';';
-        }
-    });
-};
+var encode = encodeURIComponent;
+var decode = decodeURIComponent;
 
 module.exports.serialize = serialize;
 module.exports.parse = parse;
diff --git a/test/serialize.js b/test/serialize.js
@@ -45,7 +45,7 @@ test('maxAge', function() {
 });
 
 test('escaping', function() {
-    assert.deepEqual('cat=+%20', cookie.serialize('cat', '+ '));
+    assert.deepEqual('cat=%2B%20', cookie.serialize('cat', '+ '));
 });
 
 test('parse->serialize', function() {