[HttpFoundation] `Cookie::fromString()` swallows trailing `=` in value. · Issue #51814 · symfony/symfony · GitHub
[HttpFoundation] Cookie::fromString() swallows trailing = in value. #51814
Closed
@pschultz

Symfony version(s) affected

6.3.5

Description

Cookie::fromString destroys trailing equal signs in the value. Trailing '=' are very common in base64 encoded values.

From a glance at the code the cause seems to be the call to $parts = HeaderUtils::split($cookie, ';=');, where $cookie is the string as it appears in an HTTP header.

How to reproduce

<?php

require 'vendor/autoload.php';

use Symfony\Component\HttpFoundation\Cookie;

$c = Cookie::fromString('foo=AAA=; Path=/; Expires=Sun, 31 Dec 2023 14:32:53 GMT; Max-Age=7776000; HttpOnly; Secure; SameSite=None');

var_dump($c->getValue()); // string(3) "AAA", but expected string(4) "AAA="

Possible Solution

Split only on ';' to determine the parts. Split each part into key-value pairs on the first '=' only.

Additional Context

No response
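
The approach under "Possible Solution", as an added example that is not part of the original issue and not Symfony's code: `parseSetCookie()` is a hypothetical helper, and it assumes unquoted values that contain no `;`.

```php
<?php

/**
 * Hypothetical helper (not Symfony's API): parse a Set-Cookie header value.
 * Split on ';' only, then split each part on its FIRST '=' so that any
 * later '=' (for example base64 padding) stays in the value.
 */
function parseSetCookie(string $header): array
{
    $parts = explode(';', $header);

    // The first part is name=value; a limit of 2 keeps every later '='.
    $pair = explode('=', trim(array_shift($parts)), 2);
    $cookie = ['name' => $pair[0], 'value' => $pair[1] ?? null, 'attributes' => []];

    foreach ($parts as $part) {
        $part = trim($part);
        if ($part === '') {
            continue; // tolerate a trailing ';'
        }
        $kv = explode('=', $part, 2);
        // Attribute names are case-insensitive; flags such as HttpOnly carry no value.
        $cookie['attributes'][strtolower($kv[0])] = isset($kv[1]) ? trim($kv[1]) : true;
    }

    return $cookie;
}

// The header from the report above: the trailing '=' must survive.
$c = parseSetCookie('foo=AAA=; Path=/; Expires=Sun, 31 Dec 2023 14:32:53 GMT; Max-Age=7776000; HttpOnly; Secure; SameSite=None');
if ($c['value'] !== 'AAA=') {
    throw new RuntimeException('trailing "=" was lost');
}
if ($c['attributes']['samesite'] !== 'None' || $c['attributes']['httponly'] !== true) {
    throw new RuntimeException('attributes were not parsed');
}

// Constructed sample: a 16-byte payload encodes to base64 ending in "==".
$token = base64_encode('constructed-data');
$c = parseSetCookie("session=$token; Path=/; Secure");
if (base64_decode($c['value'], true) !== 'constructed-data') {
    throw new RuntimeException('padded base64 value did not round-trip');
}

echo "all checks passed\n";
```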
