From ba5345fbddb8ffb38bfb27ccc16ff18f9b90272d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fernando=20Corr=C3=AAa=20de=20Oliveira?=
Date: Thu, 2 Oct 2025 01:27:55 +0100
Subject: [PATCH] Fix throwing with client-supplied invalid cookie (copy of #126 vrurg++)
---
 Changes | 1 +
 lib/Cro/HTTP/Request.rakumod | 9 +++++++++
 2 files changed, 10 insertions(+)
diff --git a/Changes b/Changes
index c86b074..86dfbfd 100644
--- a/Changes
+++ b/Changes
@@ -4,6 +4,7 @@ Revision history for Cro::HTTP
 - Support link generation
 - Make http function accept a list of http methods
 - Catch URI parse errors during routing
+ - Fix throwing with client-supplied invalid cookie
 0.8.11
 - Avoid sending a 0-byte WINDOW_UPDATE frame.
diff --git a/lib/Cro/HTTP/Request.rakumod b/lib/Cro/HTTP/Request.rakumod
index 2de940c..b3c98ca 100644
--- a/lib/Cro/HTTP/Request.rakumod
+++ b/lib/Cro/HTTP/Request.rakumod
@@ -167,6 +167,15 @@ class Cro::HTTP::Request does Cro::HTTP::Message {
 !! @str[0].value.split(/';' ' '?/).List;
 my @res;
 for @str {
+ CATCH {
+ when X::TypeCheck::Assignment {
+ # Skip cookies with invalid name or value.
+ # Since they're received from a client we must not die.
+ # But neither we're obliged to maintain them.
+ .rethrow unless .symbol eq '$!value' | '$!name';
+ next
+ }
+ }
 my ($name, $value) = $_.split('=');
 @res.push: Cro::HTTP::Cookie.new(:$name, :$value) if $name;
 }
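Review bot: The `.symbol eq '$!value' | '$!name'` test in the new CATCH block ties this parser to the private attribute names of Cro::HTTP::Cookie, so a rename there, or validation that raises a different exception type, would let a malformed client cookie fail the request again without anything in this file changing. I would record that dependency next to the check, e.g. `# Depends on Cro::HTTP::Cookie's attribute names; keep in sync and cover with a malformed-cookie test.`, and add a regression test, since the diffstat lists only Changes and Request.rakumod. The skip is also silent, which makes dropped cookies hard to see when investigating odd client behaviour; whether to emit a debug-level trace is worth deciding deliberately. The enclosing method begins and ends outside this hunk.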