Simperfit
diff --git a/‎phpunit
Lines changed: 3 additions & 0 deletions b/‎phpunit
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Cookie.php
Lines changed: 16 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Cookie.php
Lines changed: 16 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Response.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Response.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
Lines changed: 18 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
Lines changed: 18 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_urlencode.expected
Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_urlencode.expected
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_urlencode.php
Lines changed: 6 additions & 3 deletions b/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_urlencode.php
Lines changed: 6 additions & 3 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/invalid_cookie_name.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/invalid_cookie_name.php
Lines changed: 1 addition & 1 deletion
@@ -9,6 +9,9 @@ if (!file_exists(__DIR__.'/vendor/symfony/phpunit-bridge/bin/simple-phpunit')) {
 }
 if (!getenv('SYMFONY_PHPUNIT_VERSION')) {
     if (\PHP_VERSION_ID >= 70200) {
+        if (false === getenv('SYMFONY_PHPUNIT_REMOVE_RETURN_TYPEHINT') && false !== strpos(@file_get_contents(__DIR__.'/src/Symfony/Component/HttpKernel/Kernel.php'), 'const MAJOR_VERSION = 3;')) {
+            putenv('SYMFONY_PHPUNIT_REMOVE_RETURN_TYPEHINT=1');
+        }
         putenv('SYMFONY_PHPUNIT_VERSION=8.3');
     } elseif (\PHP_VERSION_ID >= 70000) {
         putenv('SYMFONY_PHPUNIT_VERSION=6.5');
 
@@ -18,20 +18,25 @@
  */
 class Cookie
 {
+    const SAMESITE_NONE = 'none';
+    const SAMESITE_LAX = 'lax';
+    const SAMESITE_STRICT = 'strict';
+
     protected $name;
     protected $value;
     protected $domain;
     protected $expire;
     protected $path;
     protected $secure;
     protected $httpOnly;
+
     private $raw;
     private $sameSite;
     private $secureDefault = false;
 
-    const SAMESITE_NONE = 'none';
-    const SAMESITE_LAX = 'lax';
-    const SAMESITE_STRICT = 'strict';
+    private static $reservedCharsList = "=,; \t\r\n\v\f";
+    private static $reservedCharsFrom = ['=', ',', ';', ' ', "\t", "\r", "\n", "\v", "\f"];
+    private static $reservedCharsTo = ['%3D', '%2C', '%3B', '%20', '%09', '%0D', '%0A', '%0B', '%0C'];
 
     /**
      * Creates cookie from raw header string.
@@ -93,7 +98,7 @@ public function __construct(string $name, string $value = null, $expire = 0, ?st
         }
 
         // from PHP source code
-        if (preg_match("/[=,; \t\r\n\013\014]/", $name)) {
+        if ($raw && false !== strpbrk($name, self::$reservedCharsList)) {
             throw new \InvalidArgumentException(sprintf('The cookie name "%s" contains invalid characters.', $name));
         }
 
@@ -141,7 +146,13 @@ public function __construct(string $name, string $value = null, $expire = 0, ?st
      */
     public function __toString()
     {
-        $str = ($this->isRaw() ? $this->getName() : urlencode($this->getName())).'=';
+        if ($this->isRaw()) {
+            $str = $this->getName();
+        } else {
+            $str = str_replace(self::$reservedCharsFrom, self::$reservedCharsTo, $this->getName());
+        }
+
+        $str .= '=';
 
         if ('' === (string) $this->getValue()) {
             $str .= 'deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; Max-Age=0';
 
@@ -344,7 +344,7 @@ public function sendHeaders()
 
         // cookies
         foreach ($this->headers->getCookies() as $cookie) {
-            header('Set-Cookie: '.$cookie->getName().strstr($cookie, '='), false, $this->statusCode);
+            header('Set-Cookie: '.$cookie, false, $this->statusCode);
         }
 
         // status
 
@@ -24,10 +24,9 @@
  */
 class CookieTest extends TestCase
 {
-    public function invalidNames()
+    public function namesWithSpecialCharacters()
     {
         return [
-            [''],
             [',MyName'],
             [';MyName'],
             [' MyName'],
@@ -40,12 +39,26 @@ public function invalidNames()
     }
 
     /**
-     * @dataProvider invalidNames
+     * @dataProvider namesWithSpecialCharacters
      */
-    public function testInstantiationThrowsExceptionIfCookieNameContainsInvalidCharacters($name)
+    public function testInstantiationThrowsExceptionIfRawCookieNameContainsSpecialCharacters($name)
     {
         $this->expectException('InvalidArgumentException');
-        Cookie::create($name);
+        Cookie::create($name, null, 0, null, null, null, false, true);
+    }
+
+    /**
+     * @dataProvider namesWithSpecialCharacters
+     */
+    public function testInstantiationSucceedNonRawCookieNameContainsSpecialCharacters($name)
+    {
+        $this->assertInstanceOf(Cookie::class, Cookie::create($name));
+    }
+
+    public function testInstantiationThrowsExceptionIfCookieNameIsEmpty()
+    {
+        $this->expectException('InvalidArgumentException');
+        Cookie::create('');
     }
 
     public function testInvalidExpiration()
 
@@ -4,7 +4,8 @@ Array
     [0] => Content-Type: text/plain; charset=utf-8
     [1] => Cache-Control: no-cache, private
     [2] => Date: Sat, 12 Nov 1955 20:04:00 GMT
-    [3] => Set-Cookie: ?*():@&+$/%#[]=%3F%2A%28%29%3A%40%26%2B%24%2F%25%23%5B%5D; path=/
+    [3] => Set-Cookie: %3D%2C%3B%20%09%0D%0A%0B%0C=%3D%2C%3B%20%09%0D%0A%0B%0C; path=/
     [4] => Set-Cookie: ?*():@&+$/%#[]=%3F%2A%28%29%3A%40%26%2B%24%2F%25%23%5B%5D; path=/
+    [5] => Set-Cookie: ?*():@&+$/%#[]=%3F%2A%28%29%3A%40%26%2B%24%2F%25%23%5B%5D; path=/
 )
 shutdown
@@ -4,9 +4,12 @@
 
 $r = require __DIR__.'/common.inc';
 
-$str = '?*():@&+$/%#[]';
+$str1 = "=,; \t\r\n\v\f";
+$r->headers->setCookie(new Cookie($str1, $str1, 0, '', null, false, false, false, null));
 
-$r->headers->setCookie(new Cookie($str, $str, 0, '', null, false, false, false, null));
+$str2 = '?*():@&+$/%#[]';
+
+$r->headers->setCookie(new Cookie($str2, $str2, 0, '', null, false, false, false, null));
 $r->sendHeaders();
 
-setcookie($str, $str, 0, '/');
+setcookie($str2, $str2, 0, '/');
@@ -5,7 +5,7 @@
 $r = require __DIR__.'/common.inc';
 
 try {
-    $r->headers->setCookie(Cookie::create('Hello + world', 'hodor'));
+    $r->headers->setCookie(new Cookie('Hello + world', 'hodor', 0, null, null, null, false, true));
 } catch (\InvalidArgumentException $e) {
     echo $e->getMessage();
 }
Original file line number	Diff line number	Diff line change
`@@ -344,7 +344,7 @@ public function sendHeaders()`
`344`	`344`
`345`	`345`	`// cookies`
`346`	`346`	`foreach ($this->headers->getCookies() as $cookie) {`
`347`		`- header('Set-Cookie: '.$cookie->getName().strstr($cookie, '='), false, $this->statusCode);`
	`347`	`+ header('Set-Cookie: '.$cookie, false, $this->statusCode);`
`348`	`348`	`}`
`349`	`349`
`350`	`350`	`// status`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`	`$r = require __DIR__.'/common.inc';`
`6`	`6`
`7`	`7`	`try {`
`8`		`- $r->headers->setCookie(Cookie::create('Hello + world', 'hodor'));`
	`8`	`+ $r->headers->setCookie(new Cookie('Hello + world', 'hodor', 0, null, null, null, false, true));`
`9`	`9`	`} catch (\InvalidArgumentException $e) {`
`10`	`10`	`echo $e->getMessage();`
`11`	`11`	`}`