Error when decoding URI component #5
Comments
|
tough call, I'd +1 400 personally but most people request that it would just warn / ignore, my votes for a 400 |
|
Do you think it would be wrong to silently catch the failure to decode and just set the value to the raw value in that case? |
|
I think so yeah, if it's an invalid uri I dont see why it shouldn't be 400 |
|
The 400 response would need to come from connect in that case and just leave this module to throw. Want me to make the patch for that? |
|
sure! sounds good to me, if we tack a |
fengmk2
added a commit
to fengmk2/node-cookie
that referenced
this issue
Oct 29, 2012
fengmk2
added a commit
to fengmk2/node-cookie
that referenced
this issue
Oct 29, 2012
…han throw the error.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/senchalabs/connect/blob/master/lib/middleware/cookieParser.js#L49
https://github.com/shtylman/node-cookie/blob/master/index.js#L46
This line uses the parse function from the cookie module. When the cookie value cannot be decoded properly this function throws (since the decodeURIComponent function throws). My concern is that this appears as a system error (plain error object) which usually results in the server responding with a 5xx error response versus a bad request or possibly not parsing the given value.
Now, I could wrap the decode call in the cookie module and just set the value to the raw value versus the decoded one. I am thinking this would be the proper thing to do (as I don't think failing with unable to decode URI component is good behavior here) but I wanted to first get some feedback since it would technically be a change in behavior.
Issue senchalabs/connect#652 is related.
/ping @visionmedia
The text was updated successfully, but these errors were encountered: