disallow to set unsupported cookie path

AdguardTeam · Oct 27, 2022 · 055f551 · 055f551
1 parent 76ffe8f
commit 055f551
Showing 1 changed file with 16 additions and 4 deletions.
diff --git a/src/helpers/cookie-utils.js b/src/helpers/cookie-utils.js
@@ -1,4 +1,5 @@
 import { nativeIsNaN } from './number-utils';
+
 /**
  * Prepares cookie string if given parameters are ok
  * @param {string} name cookie name to set
@@ -7,10 +8,12 @@ import { nativeIsNaN } from './number-utils';
  * @returns {string|null} cookie string if ok OR null if not
  */
 export const prepareCookie = (name, value, path) => {
-    if (!name || !value || !path) {
+    if (!name || !value) {
         return null;
     }
 
+    const log = console.log.bind(console); // eslint-disable-line no-console
+
     let valueToSet;
     if (value === 'true') {
         valueToSet = 'true';
@@ -35,18 +38,27 @@ export const prepareCookie = (name, value, path) => {
     } else if (/^\d+$/.test(value)) {
         valueToSet = parseFloat(value);
         if (nativeIsNaN(valueToSet)) {
+            log(`Invalid cookie value: '${value}'`);
             return null;
         }
         if (Math.abs(valueToSet) < 0 || Math.abs(valueToSet) > 15) {
+            log(`Invalid cookie value: '${value}'`);
             return null;
         }
     } else {
         return null;
     }
 
-    const pathToSet = path === 'none'
-        ? ''
-        : `path=${path}`;
+    let pathToSet;
+    if (path === '/') {
+        pathToSet = 'path=/';
+    } else if (path === 'none') {
+        pathToSet = '';
+    } else {
+        log(`Invalid cookie path: '${path}'`);
+        return null;
+    }
+
     // eslint-disable-next-line max-len
     const cookieData = `${encodeURIComponent(name)}=${encodeURIComponent(valueToSet)}; ${pathToSet}`;