From 028aa731edbec7f60e72011b8bdc93222d5e5279 Mon Sep 17 00:00:00 2001
From: Moonchild <moonchild@palemoon.org>
Date: Wed, 25 Oct 2023 04:31:47 +0200
Subject: [network] Block more invalid cookie name characters.

This blocks the following characters from use in the cookie name:
0x3B (semi-colon), 0x3D (equals) and 0x7F (del)
---
 netwerk/cookie/nsCookieService.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/netwerk/cookie/nsCookieService.cpp b/netwerk/cookie/nsCookieService.cpp
index 2c8a5612f3..2549ffaccb 100644
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3329,7 +3329,8 @@ nsCookieService::SetCookieInternal(nsIURI                        *aHostURI,
                                          0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
                                          0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
                                          0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E,
-                                         0x1F, /* 0x20, */ 0x00 };
+                                         0x1F, /* 0x20, */ 0x3B, 0x3D, 0x7F,
+                                         0x00 };
   if (cookieAttributes.name.FindCharInSet(illegalNameCharacters, 0) != -1) {
     COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "invalid name character");
     return newCookie;
-- 
cgit v1.2.3