Allow the use of quotes in set-cookie scriptlet

Related discussion: uBlockOrigin/uAssets#20630 (comment)
gorhill · Nov 13, 2023 · 7c562d0 · 7c562d0
1 parent 30a01d8
commit 7c562d0
Showing 1 changed file with 8 additions and 7 deletions.
diff --git a/assets/resources/scriptlets.js b/assets/resources/scriptlets.js
@@ -853,8 +853,8 @@ function setLocalStorageItemFn(
  const unquoted = match && match[2] || normalized;
  if ( trustedValues.includes(unquoted) === false ) {
  if ( /^\d+$/.test(unquoted) === false ) { return; }
- const integer = parseInt(unquoted, 10);
- if ( integer > 32767 ) { return; }
+ const n = parseInt(unquoted, 10);
+ if ( n > 32767 ) { return; }
  }
  }
 
@@ -3418,16 +3418,17 @@ function setCookie(
  'ok',
  'on', 'off',
  'true', 't', 'false', 'f',
- 'y', 'n',
- 'yes', 'no',
+ 'yes', 'y', 'no', 'n',
  'necessary', 'required',
  ];
- if ( validValues.includes(value.toLowerCase()) === false ) {
- if ( /^\d+$/.test(value) === false ) { return; }
+ const normalized = value.toLowerCase();
+ const match = /^("?)(.+)\1$/.exec(normalized);
+ const unquoted = match && match[2] || normalized;
+ if ( validValues.includes(unquoted) === false ) {
+ if ( /^\d+$/.test(unquoted) === false ) { return; }
  const n = parseInt(value, 10);
  if ( n > 15 ) { return; }
  }
- value = encodeURIComponent(value);
 
  setCookieFn(
  false,