mirror of
https://github.com/zhigang1992/react-native.git
synced 2026-04-01 22:41:28 +08:00
04028bf216
Summary: When a website in a ReactNative WebView sets a cookie with an illegal character, this cookie will automatically be added to any request to the same domain. This happens through: BridgeInterceptor.java (l.84) ReactCookieJarContainer.java (l.44) JavaNetCookieJar.java (l.59) ForwardingCookieHandler.java (l.57) ForwardingCookieHandler.java (l.168) CookieManager.java (l.39) The BridgeInterceptor.java then tries to set a Cookie header, which validates both keys and values, and then crashes. okhttp3.6.0 Headers.java (l.320) This fix will strip illegal characters from any cookie that is being passed to the okhttp request. To demonstrate how to crash the app, you can find an example app here: https://github.com/erikpoort/react-native-test-illegal-cookie Or you can load the following url into a webview: https://invalidcookietest.us.dev.monkapps.com/ Press the 'Set cookie' button. Then try to fetch the same url. [ANDROID] [BREAKING] [ReactCookieJarContainer.java] - I'm filtering cookies containing illegal characters from any request. Closes https://github.com/facebook/react-native/pull/18203 Differential Revision: D8164302 Pulled By: hramos fbshipit-source-id: 6e58461df594eb2c7aad4c7ad70b76d12ac09b84
Building React Native for Android
See the docs on the website.
Running tests
When you submit a pull request CircleCI will automatically run all tests. To run tests locally, see Testing.