From a8b029e42324f62076dbf1e263b8173d54c690b9 Mon Sep 17 00:00:00 2001
From: Sergio Benitez
Date: Sat, 16 May 2020 17:55:11 -0700
Subject: [PATCH] Properly delimit length and name in flash cookies.

Fixes #1263.
---
 core/lib/src/response/flash.rs | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/core/lib/src/response/flash.rs b/core/lib/src/response/flash.rs
index b7c2db54..d2b8ee06 100644
--- a/core/lib/src/response/flash.rs
+++ b/core/lib/src/response/flash.rs
@@ -11,6 +11,9 @@ use std::sync::atomic::{AtomicBool, Ordering};
 // The name of the actual flash cookie.
 const FLASH_COOKIE_NAME: &str = "_flash";
 
+// Character to use as a delimiter after the cookie's name's length.
+const FLASH_COOKIE_DELIM: char = ':';
+
 /// Sets a "flash" cookie that will be removed when it is accessed. The
 /// analogous request type is [`FlashMessage`].
 ///
@@ -181,7 +184,9 @@ impl<'r, R: Responder<'r>> Flash {
 }
 
 fn cookie(&self) -> Cookie<'static> {
-let content = format!("{}{}{}", self.name.len(), self.name, self.message);
+let content = format!("{}{}{}{}",
+self.name.len(), FLASH_COOKIE_DELIM, self.name, self.message);
+
 Cookie::build(FLASH_COOKIE_NAME, content)
 .max_age(Duration::minutes(5))
 .path("/")
@@ -250,9 +255,9 @@ impl<'a, 'r> FromRequest<'a, 'r> for Flash<&'a Request<'r>> {
 
 // Parse the flash message.
 let content = cookie.value();
-let (len_str, kv) = match content.find(|c: char| !c.is_digit(10)) {
-Some(i) => (&content[..i], &content[i..]),
-None => (content, ""),
+let (len_str, kv) = match content.find(FLASH_COOKIE_DELIM) {
+Some(i) => (&content[..i], &content[(i + 1)..]),
+None => return Err(()),
 };
 
 match len_str.parse::() {
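Review bot: The length parsed from `len_str` in the last hunk comes from the request cookie, so it is client-controlled, and if the arm that consumes it slices `kv` by index (as the pre-change shape of this code suggests) a value larger than `kv.len()`, or one that lands inside a multi-byte character, will panic the handler instead of rejecting the cookie; that arm is outside the hunk, so this applies only if it indexes rather than uses a checked lookup. The checked form is `match (kv.get(..len), kv.get(len..)) { (Some(name), Some(msg)) => ..., _ => return Err(()) }`, since `str::get` returns `None` for both out-of-range and non-char-boundary indices. The new `&content[(i + 1)..]` slice is sound only because the delimiter is one byte, which deserves a line: `// ':' is a single ASCII byte, so i + 1 is a char boundary.`. The enclosing method body continues past the end of the hunk.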