fix: bump limit to 32K

andyburke · web-flow · commit eaa00021caf6 · 2022-12-08T21:11:10.000-08:00
diff --git a/cookiejar.js b/cookiejar.js
@@ -64,8 +64,8 @@
 
     var cookie_str_splitter = /[:](?=\s*[a-zA-Z0-9_\-]+\s*[=])/g;
     Cookie.prototype.parse = function parse(str, request_domain, request_path) {
-        if ( str.length > 4096 ) {
-            console.warn("Cookie too long for parsing (>4096 characters)");
+        if ( str.length > 32768 ) {
+            console.warn("Cookie too long for parsing (>32768 characters)");
             return;
         }
 
diff --git a/tests/test.js b/tests/test.js
@@ -68,7 +68,7 @@ assert.equal(cookie.path, "/");
 assert.deepEqual(cookie, new Cookie("a=1;domain=.test.com;path=/"));
 
 // ensure cookies that are too long are not parsed to avoid any issues with DoS inputs
-var too_long_cookie = new Cookie( "foo=" + "blah".repeat( 2000 ) );
+var too_long_cookie = new Cookie( "foo=" + "blah".repeat( 10000 ) );
 assert.equal(too_long_cookie, undefined);
 
 // Test request_path and request_domain

Original file line number	Diff line number	Diff line change
`@@ -64,8 +64,8 @@`
`64`	`64`
`65`	`65`	`var cookie_str_splitter = /[:](?=\s[a-zA-Z0-9_\-]+\s[=])/g;`
`66`	`66`	`Cookie.prototype.parse = function parse(str, request_domain, request_path) {`
`67`		`- if ( str.length > 4096 ) {`
`68`		`- console.warn("Cookie too long for parsing (>4096 characters)");`
	`67`	`+ if ( str.length > 32768 ) {`
	`68`	`+ console.warn("Cookie too long for parsing (>32768 characters)");`
`69`	`69`	`return;`
`70`	`70`	`}`
`71`	`71`