From 89fa666bc48daa0312abfe1caef3d1bcd8ca2375 Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Wed, 10 Apr 2024 08:24:45 -0400
Subject: [PATCH] Improve `set-cookie.fn` scriptlet

As per browser behavior, space character does not require encoding.
---
 assets/resources/scriptlets.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/resources/scriptlets.js b/assets/resources/scriptlets.js
index dfb10e53f..3cf2981c6 100644
--- a/assets/resources/scriptlets.js
+++ b/assets/resources/scriptlets.js
@@ -977,7 +977,7 @@ function setCookieFn(
     // https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.1
     // The characters [",] are given a pass from the RFC requirements because
     // apparently browsers do not follow the RFC to the letter.
-    if ( /[^!-:<-[\]-~]/.test(value) ) {
+    if ( /[^ -:<-[\]-~]/.test(value) ) {
         value = encodeURIComponent(value);
     }