From 49ff7cffb125608a9e96bdbf24bc9c3ab1f0fd57 Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Mon, 1 Apr 2024 08:23:10 -0400
Subject: [PATCH] Improve `[trusted-]set-cookie` scriptlets

As per RFC 6265 the characters ", should be encoded but apparently
browsers don't care. Remove them from the set of characters which
presence trigger encoding.

Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/3178#issuecomment-2029622321
---
 assets/resources/scriptlets.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/assets/resources/scriptlets.js b/assets/resources/scriptlets.js
index bbef27248..c4ec45164 100644
--- a/assets/resources/scriptlets.js
+++ b/assets/resources/scriptlets.js
@@ -975,7 +975,9 @@ function setCookieFn(
         name = encodeURIComponent(name);
     }
     // https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.1
-    if ( /[^!#-+\--:<-[\]-~]/.test(value) ) {
+    // The characters [",] are given a pass from the RFC requirements because
+    // apparently browsers do not follow the RFC to the letter.
+    if ( /[^!-:<-[\]-~]/.test(value) ) {
         value = encodeURIComponent(value);
     }