-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Special characters #623
Comments
Might be an older bug, which version are you using? Could you give the v3 rc a try? |
I am currently using CDN, should I try to download v3 as you said? |
@carhartl I tested v3 (min.js file) and it still does not work |
Works for me without a problem (tested with v2): https://jsfiddle.net/otx4qfys/ Have you tried after deleting all cookies? |
If that doesn't work, would be good to see the actual code in question... |
IMPORTANT NOTE - this issue is happeing only using Safari browser (macOS), tested with Chrome on macOS and works fine, also Windows 10 Chrome is working too. Sorry for that, I discovered this right now. Yes. This code is called when you fill input (called "note") and submit add-to-cart button. name, number, size, ac are empty, note is where problem is coming and ks is a number So if input contains for ex.
|
Looks like an odd bug in Safari not even related to our library. When trying to write a cookie value directly like so ("1;1;;;;;poznámka;" with semicolons percent-encoded => "1%3B1%3B%3B%3B%3B%3Bpoznámka%3B"): document.cookie = "test=1%3B1%3B%3B%3B%3B%3Bpoznámka%3B; path=/" we end up with a cookie with the value "1%3B1%3B%3B%3B%3B%3Bpozn" and the path of the current page (not '/'), so it really looks like Safari (Safari 13.1, macOS Catalina 10.15.4) would ignore everything after and including Same for document.cookie = "test=poznámka%3B; path=/" // cookie has a value of "pozn" and path of current page
// ...
document.cookie = "test=fooá; path=/" // cookie has a value of "foo" So it really looks like Safari just doesn't accept these characters for whatever reason. |
As a workaround you'd have to create a cookie api instance with converters that do a full How to use converters: https://github.com/js-cookie/js-cookie/tree/latest#converters Example: var api = Cookies.withConverter({
read: function (value, name) {
return decodeURIComponent(value)
},
write: function (value, name) {
return encodeURIComponent(value)
}
}) Not sure at this point if there's anything we can do to workaround it elsehow. |
Okay, thank you for provided support, I'll try somehow to figure out. Have a nice day :) |
Here‘s a Stackoverflow answer with some more pointers : https://stackoverflow.com/questions/1969232/what-are-allowed-characters-in-cookies/1969339#1969339
@FagnerMartinsBrack |
RFC 6265 again (which Safari seems to follow, despite Section 5.2):
ASCII only! |
MDN suggests:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie |
Just to clarify - it works correctly in v2! In order for this to work without setting up any converters please make sure to use the latest stable release (2.2.1): <script src="https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js"></script> (From https://github.com/js-cookie/js-cookie/tree/latest#readme) Likely you've been using the cdn snippet from https://github.com/js-cookie/js-cookie (master) all along which will give you the release candidate of version 3: <script src="https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js"></script> The problem at hand has been introduced in v3. I'm going to reopen this ticket as this needs fixing. |
I am fine with the convertor, it works good for now. I'll also try 2.2.1 version |
@carhartl
Learning: Next time I should document this research somewhere so that somebody else (including myself years from then) don't go through this path again only to find the wall. Yes, we have to go with the server-side section if we want to be robustand allow "every character to work". Unless we can get Safari to change their implementation (which I believe won't be easy). I vote for acknowledging cookie implementations are screwed up and encode every character except characters that are allowed in the server-side part of the spec. Happy to be proven wrong though. |
Shall we ping spec authors again for the third view on this? |
No. |
So here's my plan..: I'm going to bring back the encoding implementation from v2 (i.e. revert some commits) - apparently it has been rock-solid, thanks @FagnerMartinsBrack -, but then also, for reading:
So when reading a cookie, say for a key In a way, when writing a cookie we will be adhering to Section 4 of RFC 6265 (because we have to w/ Safari), when reading Section 5 applies. This will tackle #595 and similar requests/issues. So much for the theory, let's see if it goes like planned :) |
Isn't that how it was done before? When reading the key you would The previous encoding tests were strictly adhering to section 4. Which means that it only encodes the characters that are required by the RFC, nothing else. We need to be careful to not encode characters that are not necessary as that might create regressions on code that is on the border fo the 4k cookie size limit. Here's an idea to verify this regression: Maybe we can build a test that asserts on the length of a cookie as 3999 bytes (using only the possible characters that should be encoded) using v2 code and then make sure that the tests are still passing when integrated with v3? |
I don’t think so. Otherwise we wouldn’t have #595. |
Reverted to fix this regression: 294247e |
@FagnerMartinsBrack No, you were right, it already worked like this. I couldn't find an explicit test for it, so I'm adding one. |
Like how? |
Hello everyone,
this is not a bug report, sorry, but I need to ask. I've been checking up encoding and converters sections but it didnt helped me much.
As a feature is this library described with
Accepts any character
(except;
or=
obviously). But I have a problem with saving characters likeě š č ř ž ý á í é
etc.. If I save a cookie containing one of this chars, at its place is the string "cut" (example:poznámka 123
->pozn
)Is there any way how to figure out of this?
thanks :)
The text was updated successfully, but these errors were encountered: