mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 23:27:43 +00:00
LibWeb: Impose a sane max cookie size
Drop cookies larger than 4KiB. This value is the RFC's recommendation: https://tools.ietf.org/html/rfc6265#section-6.1
This commit is contained in:
parent
da92c0e1ca
commit
67884f6747
2 changed files with 13 additions and 0 deletions
|
@ -14,6 +14,8 @@
|
|||
<label for=invalid3>The cookie expired in the past</label>
|
||||
<br /><input id=invalid4 type=button onclick="setCookie(this.value)" value="cookie7=value7; expires=Mon, 23 Jan 1989 08:10:36 GMT" />
|
||||
<label for=invalid4>The cookie expired in the past</label>
|
||||
<br /><input id=invalid5 type=button onclick="setTooLargeCookie()" value="cookie10=[more than 4096 chars]" />
|
||||
<label for=invalid5>The cookie is too large</label>
|
||||
<br />
|
||||
|
||||
<h3>Unretrievable cookies (the browser should accept these but not display them):</h3>
|
||||
|
@ -31,6 +33,11 @@
|
|||
document.getElementById('cookies').innerHTML = document.cookie;
|
||||
}
|
||||
|
||||
function setTooLargeCookie() {
|
||||
const cookie = 'name=' + 'x'.repeat(4 << 10);
|
||||
setCookie(cookie);
|
||||
}
|
||||
|
||||
document.getElementById('cookies').innerHTML = document.cookie;
|
||||
</script>
|
||||
</body>
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue