Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error when cookies contain double quotes #711

Open
na-- opened this issue Jul 16, 2018 · 3 comments

Comments

Projects
None yet
3 participants
@na--
Copy link
Member

commented Jul 16, 2018

While testing something else, I stumbled on a small bug with double quotes in cookie values... The following code:

import http from 'k6/http';

export default function () {
	let resp = http.get("https://httpbingo.org/cookies", {
		"cookies": {
			"test": "\""
		},
	})
	console.log(resp.body);
}

produces this... warning?:

2018/07/16 10:18:33 net/http: invalid byte '"' in Cookie.Value; dropping invalid bytes

It seems that for some reason, the Go standard library logs this directly, which is super annoying... Skimming some golang issues, it's not exactly clear how we should escape those values...

@ofauchon

This comment has been minimized.

Copy link
Contributor

commented Jul 24, 2018

Hello,

Same problem for me !

The application I test uses double quoted cookies values with separators + uppercase headers

Cookie: foo-boa="DATA-NET-CMP:1234564:123456789789798AEZEAZEA:zzzX"
SPECIFIC-HEADER=jfdislfjsdi

I ended up patching net/* go sources to make it permissive :-(

  • Removed cookie/headers sanitization .

Although it' dirty hacks, I didn't find any elegant way to do it.

Olivier

@na--

This comment has been minimized.

Copy link
Member Author

commented Jul 24, 2018

Yeah, when I posted this issue I skimmed a bunch of golang github issues and discussions and I don't think I saw a nice way to work around this...

@tkanos

This comment has been minimized.

Copy link

commented Oct 9, 2018

you can also get the cookie directly from the r.header["cookie"] and parse it yourself but it's not elegant neither.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.