2 years ago · 7b07667cac
--- a/src/Http/Cookie/Cookie.php
+++ b/src/Http/Cookie/Cookie.php
@@ -286,7 +286,10 @@ class Cookie implements CookieInterface
 
				             $parts = preg_split('/\;[ \t]*/', $cookie);
			
 
				         }
			
 
				 
			
 
				-        [$name, $value] = explode('=', array_shift($parts), 2);
			
 
				+        $nameValue = explode('=', array_shift($parts), 2);
			
 
				+        $name = array_shift($nameValue);
			
 
				+        $value = array_shift($nameValue) ?? '';
			
 
				+
			
 
				         $data = [
			
 
				                 'name' => urldecode($name),
			
 
				                 'value' => urldecode($value),
			
--- a/src/Mailer/Message.php
+++ b/src/Mailer/Message.php
@@ -1012,8 +1012,8 @@ class Message implements JsonSerializable, Serializable
 
				                 $return[] = $email;
			
 
				             } else {
			
 
				                 $encoded = $this->encodeForHeader($alias);
			
 
				-                if ($encoded === $alias && preg_match('/[^a-z0-9 ]/i', $encoded)) {
			
 
				-                    $encoded = '"' . str_replace('"', '\"', $encoded) . '"';
			
 
				+                if (preg_match('/[^a-z0-9+\-\\=? ]/i', $encoded)) {
			
 
				+                    $encoded = '"' . addcslashes($encoded, '"\\') . '"';
			
 
				                 }
			
 
				                 $return[] = sprintf('%s <%s>', $encoded, $email);
			
 
				             }
			
--- a/tests/TestCase/Http/Cookie/CookieTest.php
+++ b/tests/TestCase/Http/Cookie/CookieTest.php
@@ -465,7 +465,7 @@ class CookieTest extends TestCase
 
				         $this->assertSame('test;example.com;/path', $cookie->getId());
			
 
				     }
			
 
				 
			
 
				-    public function testCreateFromHeaderString(): void
			
 
				+    public function testCreateFromHeaderStringInvalidSamesite(): void
			
 
				     {
			
 
				         $header = 'cakephp=cakephp-rocks; expires=Wed, 01-Dec-2027 12:00:00 GMT; path=/; domain=cakephp.org; samesite=invalid; secure; httponly';
			
 
				         $result = Cookie::createFromHeaderString($header);
			
@@ -475,6 +475,15 @@ class CookieTest extends TestCase
 
				         $this->assertNull($result->getSameSite());
			
 
				     }
			
 
				 
			
 
				+    public function testCreateFromHeaderStringEmptyValue(): void
			
 
				+    {
			
 
				+        // Invalid cookie with no = separator or value.
			
 
				+        $header = 'cakephp; expires=Wed, 01-Dec-2027 12:00:00 GMT; path=/; domain=cakephp.org;';
			
 
				+        $result = Cookie::createFromHeaderString($header);
			
 
				+
			
 
				+        $this->assertSame('', $result->getValue());
			
 
				+    }
			
 
				+
			
 
				     public function testDefaults(): void
			
 
				     {
			
 
				         Cookie::setDefaults(['path' => '/cakephp', 'expires' => time()]);
			
@@ -494,7 +503,7 @@ class CookieTest extends TestCase
 
				         $this->expectExceptionMessage('Invalid type `array` for expire');
			
 
				 
			
 
				         Cookie::setDefaults(['expires' => ['ompalompa']]);
			
 
				-        $cookie = new Cookie('cakephp', 'cakephp-rocks');
			
 
				+        new Cookie('cakephp', 'cakephp-rocks');
			
 
				     }
			
 
				 
			
 
				     public function testInvalidSameSiteForDefaults(): void
			
--- a/tests/TestCase/Mailer/EmailTest.php
+++ b/tests/TestCase/Mailer/EmailTest.php
@@ -380,6 +380,11 @@ class EmailTest extends TestCase
 
				         $expected = ['"\"Last\" First" <me@example.com>'];
			
 
				         $this->assertSame($expected, $result);
			
 
				 
			
 
				+        // See https://datatracker.ietf.org/doc/html/rfc5322#section-3.2.4
			
 
				+        $result = $this->Email->getMessage()->fmtAddress(['me@example.com' => 'Quotes: " Backslashes: \\']);
			
 
				+        $expected = ['"Quotes: \\" Backslashes: \\\\" <me@example.com>'];
			
 
				+        $this->assertSame($expected, $result);
			
 
				+
			
 
				         $result = $this->Email->getMessage()->fmtAddress(['me@example.com' => 'Last First']);
			
 
				         $expected = ['Last First <me@example.com>'];
			
 
				         $this->assertSame($expected, $result);
			
@@ -391,6 +396,10 @@ class EmailTest extends TestCase
 
				         $result = $this->Email->getMessage()->fmtAddress(['cake@cakephp.org' => '日本語Test']);
			
 
				         $expected = ['=?UTF-8?B?5pel5pys6KqeVGVzdA==?= <cake@cakephp.org>'];
			
 
				         $this->assertSame($expected, $result);
			
 
				+
			
 
				+        $result = $this->Email->getMessage()->fmtAddress(['cake@cakephp.org' => 'Test <test@test.local>, Über']);
			
 
				+        $expected = ['"Test <test@test.local>, =?UTF-8?B?w5xiZXI=?=" <cake@cakephp.org>'];
			
 
				+        $this->assertSame($expected, $result);
			
 
				     }
			
 
				 
			
 
				     /**
			
@@ -404,12 +413,12 @@ class EmailTest extends TestCase
 
				         $this->assertSame($expected, $result);
			
 
				 
			
 
				         $result = $this->Email->getMessage()->fmtAddress(['cake@cakephp.org' => '寿限無寿限無五劫の擦り切れ海砂利水魚の水行末雲来末風来末食う寝る処に住む処やぶら小路の藪柑子パイポパイポパイポのシューリンガンシューリンガンのグーリンダイグーリンダイのポンポコピーのポンポコナーの長久命の長助']);
			
 
				-        $expected = ["=?ISO-2022-JP?B?GyRCPHc4Qkw1PHc4Qkw1OF45ZSROOyQkakBaJGwzJDo9TXg/ZTV7GyhC?=\r\n" .
			
 
				+        $expected = ["\"=?ISO-2022-JP?B?GyRCPHc4Qkw1PHc4Qkw1OF45ZSROOyQkakBaJGwzJDo9TXg/ZTV7GyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCJE4/ZTlUS3YxQE1oS3ZJd01oS3Y/KSQmPzIkaz1oJEs9OyRgGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCPWgkZCRWJGk+Lk8pJE5pLjQ7O1IlUSUkJV0lUSUkJV0lUSUkGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCJV0kTiU3JWUhPCVqJXMlLCVzJTclZSE8JWolcyUsJXMkTiUwGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCITwlaiVzJUAlJCUwITwlaiVzJUAlJCROJV0lcyVdJTMlVCE8GyhC?=\r\n" .
			
 
				-            ' =?ISO-2022-JP?B?GyRCJE4lXSVzJV0lMyVKITwkTkQ5NVdMPyRORDk9dRsoQg==?= <cake@cakephp.org>'];
			
 
				+            ' =?ISO-2022-JP?B?GyRCJE4lXSVzJV0lMyVKITwkTkQ5NVdMPyRORDk9dRsoQg==?=" <cake@cakephp.org>'];
			
 
				         $this->assertSame($expected, $result);
			
 
				     }
			
 
				 
			
--- a/tests/TestCase/Mailer/MessageTest.php
+++ b/tests/TestCase/Mailer/MessageTest.php
@@ -648,12 +648,12 @@ HTML;
 
				         $this->assertSame($expected, $result);
			
 
				 
			
 
				         $result = $this->message->fmtAddress(['cake@cakephp.org' => '寿限無寿限無五劫の擦り切れ海砂利水魚の水行末雲来末風来末食う寝る処に住む処やぶら小路の藪柑子パイポパイポパイポのシューリンガンシューリンガンのグーリンダイグーリンダイのポンポコピーのポンポコナーの長久命の長助']);
			
 
				-        $expected = ["=?ISO-2022-JP?B?GyRCPHc4Qkw1PHc4Qkw1OF45ZSROOyQkakBaJGwzJDo9TXg/ZTV7GyhC?=\r\n" .
			
 
				+        $expected = ["\"=?ISO-2022-JP?B?GyRCPHc4Qkw1PHc4Qkw1OF45ZSROOyQkakBaJGwzJDo9TXg/ZTV7GyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCJE4/ZTlUS3YxQE1oS3ZJd01oS3Y/KSQmPzIkaz1oJEs9OyRgGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCPWgkZCRWJGk+Lk8pJE5pLjQ7O1IlUSUkJV0lUSUkJV0lUSUkGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCJV0kTiU3JWUhPCVqJXMlLCVzJTclZSE8JWolcyUsJXMkTiUwGyhC?=\r\n" .
			
 
				             " =?ISO-2022-JP?B?GyRCITwlaiVzJUAlJCUwITwlaiVzJUAlJCROJV0lcyVdJTMlVCE8GyhC?=\r\n" .
			
 
				-            ' =?ISO-2022-JP?B?GyRCJE4lXSVzJV0lMyVKITwkTkQ5NVdMPyRORDk9dRsoQg==?= <cake@cakephp.org>'];
			
 
				+            ' =?ISO-2022-JP?B?GyRCJE4lXSVzJV0lMyVKITwkTkQ5NVdMPyRORDk9dRsoQg==?=" <cake@cakephp.org>'];
			
 
				         $this->assertSame($expected, $result);
			
 
				     }