diff --git a/src/Microsoft.Net.Http.Headers/SetCookieHeaderValue.cs b/src/Microsoft.Net.Http.Headers/SetCookieHeaderValue.cs index f3477648de..74b5c6c48c 100644 --- a/src/Microsoft.Net.Http.Headers/SetCookieHeaderValue.cs +++ b/src/Microsoft.Net.Http.Headers/SetCookieHeaderValue.cs @@ -452,9 +452,15 @@ namespace Microsoft.Net.Http.Headers result.HttpOnly = true; } // extension-av = - else - { - // TODO: skip it? Store it in a list? + else + { + // TODO: skiping it for now to avoid parsing failure? Store it in a list? + // = (no spaces) + if (!ReadEqualsSign(input, ref offset)) + { + return 0; + } + ReadToSemicolonOrEnd(input, ref offset); } } @@ -520,4 +526,4 @@ namespace Microsoft.Net.Http.Headers ^ HttpOnly.GetHashCode(); } } -} \ No newline at end of file +} diff --git a/test/Microsoft.Net.Http.Headers.Tests/SetCookieHeaderValueTest.cs b/test/Microsoft.Net.Http.Headers.Tests/SetCookieHeaderValueTest.cs index 9a920f40d0..058f8d4bd9 100644 --- a/test/Microsoft.Net.Http.Headers.Tests/SetCookieHeaderValueTest.cs +++ b/test/Microsoft.Net.Http.Headers.Tests/SetCookieHeaderValueTest.cs @@ -365,6 +365,18 @@ namespace Microsoft.Net.Http.Headers Assert.Equal(cookies, results); } + [Fact] + public void SetCookieHeaderValue_TryParse_SkipExtensionValues() + { + string cookieHeaderValue = "cookiename=value; extensionname=value;"; + + SetCookieHeaderValue setCookieHeaderValue; + + SetCookieHeaderValue.TryParse(cookieHeaderValue, out setCookieHeaderValue); + + Assert.Equal("value", setCookieHeaderValue.Value); + } + [Theory] [MemberData(nameof(ListOfSetCookieHeaderDataSet))] public void SetCookieHeaderValue_ParseStrictList_AcceptsValidValues(IList cookies, string[] input)