> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Control character in cookie value or attribute
> On 5/24/2011 5:09 PM, Dan Checkoway wrote:
> > - } else if (CookieSupport.isHttpToken(value) &&
> > - !CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0 ||
> > - CookieSupport.isV0Token(value) &&
> > - CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0) {
> > + } else if (!CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0 &&
> > + CookieSupport.isHttpToken(value) ||
> > + CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0 &&
> > + CookieSupport.isV0Token(value)) {
> Ooh... looks like that expression could use some parentheses, too.
Doesn't absolutely require them, but...
I have a chart of C operator precedence on my wall; it's on two pages, and if I
have to look at the back side of the sheet to figure it out, the expression
should have parentheses. && and || are on the back side...
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
