yahoo/proxy-verifier

Duplicate field verification improvement

Opened this issue · 0 comments

We currently support duplicate field verification via this syntax:

https://github.com/SolidWallOfCode/txn_box/blob/ac14d6ba457df564738fea1566fb68b7745d42ce/test/autest/gold_tests/ct_header/ct_header.replay.yaml#L411-L414

        - [ set-cookie,
            [ "A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
              "A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
            equal ]

This applies the equal directive to each set-cookie duplicated field in the order listed. Only one directive type can be specified. We should at least support the new map syntax for this:

        - [ set-cookie,
            { value: ["A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
              "A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
            as: equal } ]

And this would be really cool:

        - [ set-cookie,
            [ 
              { value: "A1=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly",
                as: present },
              { value: "A3=d=AQABBO; Max-Age=31557600; Domain=.example.com; Path=/; SameSite=Lax; Secure; HttpOnly" ],
                as: equal } ] ]

Thus different directives could be applied to each field. This latter is not likely easy to implement. Look into it.

Regardless of the mechanism settled upon, this must be documented.