Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Looser cookie name validation #330

Merged
merged 1 commit into from
Feb 17, 2022
Merged

Looser cookie name validation #330

merged 1 commit into from
Feb 17, 2022

Conversation

adamjmcgrath
Copy link
Contributor

Description

The Joi token token validation is too strict for a cookie name, since these can contain dashes.

References

fixes #322
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#attributes
https://joi.dev/api/?v=17.6.0#stringtoken

Testing

Describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Also include details of the environment this PR was developed in (language/platform/browser version).

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not master

@adamjmcgrath adamjmcgrath added the review:small Small review label Feb 15, 2022
@adamjmcgrath adamjmcgrath requested a review from a team as a code owner February 15, 2022 08:42
@adamjmcgrath adamjmcgrath merged commit c8475cc into master Feb 17, 2022
@adamjmcgrath adamjmcgrath deleted the cookie-name-config branch February 17, 2022 10:15
@adamjmcgrath adamjmcgrath mentioned this pull request Feb 17, 2022
Merged
@moberegger moberegger mentioned this pull request Apr 4, 2022
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevehobbsdev stevehobbsdev stevehobbsdev approved these changes

Assignees
No one assigned
Labels
review:small Small review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cookies Samesite attribute handling
2 participants
@adamjmcgrath @stevehobbsdev