net/http: speed up cookie and method validation

Fixes #67031
golang · Feb 17, 2025 · f962005 · f962005
1 parent d524e1e
commit f962005
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 5 deletions.
diff --git a/src/net/http/cookie.go b/src/net/http/cookie.go
@@ -528,8 +528,5 @@ func parseCookieValue(raw string, allowDoubleQuote bool) (value string, quoted,
 }
 
 func isCookieNameValid(raw string) bool {
-	if raw == "" {
-		return false
-	}
-	return strings.IndexFunc(raw, isNotToken) < 0
+	return isToken(raw)
 }
diff --git a/src/net/http/http.go b/src/net/http/http.go
@@ -123,6 +123,12 @@ func isNotToken(r rune) bool {
 	return !httpguts.IsTokenRune(r)
 }
 
+// isToken reports whether v is a valid token (https://www.rfc-editor.org/rfc/rfc2616#section-2.2).
+func isToken(v string) bool {
+	// For historical reasons, this function is called ValidHeaderFieldName (see issue #67031).
+	return httpguts.ValidHeaderFieldName(v)
+}
+
 // stringContainsCTLByte reports whether s contains any ASCII control character.
 func stringContainsCTLByte(s string) bool {
 	for i := 0; i < len(s); i++ {

diff --git a/src/net/http/request.go b/src/net/http/request.go
@@ -855,7 +855,7 @@ func validMethod(method string) bool {
 	   extension-method = token
 	     token          = 1*<any CHAR except CTLs or separators>
 	*/
-	return len(method) > 0 && strings.IndexFunc(method, isNotToken) == -1
+	return isToken(method)
 }
 
 // NewRequest wraps [NewRequestWithContext] using [context.Background].