diff options
Diffstat (limited to 'libgo/go/net/http/request.go')
| -rw-r--r-- | libgo/go/net/http/request.go | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/libgo/go/net/http/request.go b/libgo/go/net/http/request.go index 88fa093..fe6b6098 100644 --- a/libgo/go/net/http/request.go +++ b/libgo/go/net/http/request.go @@ -83,12 +83,7 @@ var ( ErrMissingContentLength = &ProtocolError{"missing ContentLength in HEAD response"} ) -type badStringError struct { - what string - str string -} - -func (e *badStringError) Error() string { return fmt.Sprintf("%s %q", e.what, e.str) } +func badStringError(what, val string) error { return fmt.Errorf("%s %q", what, val) } // Headers that Request.Write handles itself and should be skipped. var reqWriteExcludeHeader = map[string]bool{ @@ -430,6 +425,8 @@ func (r *Request) Cookie(name string) (*Cookie, error) { // AddCookie does not attach more than one Cookie header field. That // means all cookies, if any, are written into the same line, // separated by semicolon. +// AddCookie only sanitizes c's name and value, and does not sanitize +// a Cookie header already present in the request. func (r *Request) AddCookie(c *Cookie) { s := fmt.Sprintf("%s=%s", sanitizeCookieName(c.Name), sanitizeCookieValue(c.Value)) if c := r.Header.Get("Cookie"); c != "" { @@ -506,7 +503,7 @@ func valueOrDefault(value, def string) string { // NOTE: This is not intended to reflect the actual Go version being used. // It was changed at the time of Go 1.1 release because the former User-Agent -// had ended up on a blacklist for some intrusion detection systems. +// had ended up blocked by some intrusion detection systems. // See https://codereview.appspot.com/7532043. const defaultUserAgent = "Go-http-client/1.1" @@ -1025,14 +1022,14 @@ func readRequest(b *bufio.Reader, deleteHostHeader bool) (req *Request, err erro var ok bool req.Method, req.RequestURI, req.Proto, ok = parseRequestLine(s) if !ok { - return nil, &badStringError{"malformed HTTP request", s} + return nil, badStringError("malformed HTTP request", s) } if !validMethod(req.Method) { - return nil, &badStringError{"invalid method", req.Method} + return nil, badStringError("invalid method", req.Method) } rawurl := req.RequestURI if req.ProtoMajor, req.ProtoMinor, ok = ParseHTTPVersion(req.Proto); !ok { - return nil, &badStringError{"malformed HTTP version", req.Proto} + return nil, badStringError("malformed HTTP version", req.Proto) } // CONNECT requests are used two different ways, and neither uses a full URL: |