fix Script error for https://www.bankofamerica.com/` (close DevExpre…

…ss#767) (DevExpress#985)

src/client/sandbox/cookie.js

@@ -7,6 +7,7 @@ import { isCrossDomainWindows } from '../utils/dom';
 import transport from '../transport';
 import trim from '../../utils/string-trim';
 import INTERNAL_PROPS from '../../processing/dom/internal-properties';
+import BYTES_PER_COOKIE_LIMIT from '../../session/cookie-limit';
 
 export default class CookieSandbox extends SandboxBase {
     _getSettings () {
@@ -101,6 +102,9 @@ export default class CookieSandbox extends SandboxBase {
     }
 
     setCookie (document, value, syncWithServer) {
+        if (value.length > BYTES_PER_COOKIE_LIMIT)
+            return value;
+
         // NOTE: First, update our client cookies cache with a client-validated cookie string,
         // so that sync code can immediately access cookies.
         var parsedCookie = cookieUtils.parse(value);

src/client/sandbox/node/window.js

@@ -237,6 +237,9 @@ export default class WindowSandbox extends SandboxBase {
 
         window.Function.prototype             = nativeMethods.Function.prototype;
         window.Function.prototype.constructor = window.Function;
+        window.Function.toString              = function () {
+            return nativeMethods.Function.toString();
+        };
 
         if (typeof window.history.pushState === 'function' && typeof window.history.replaceState === 'function') {
             window.history.pushState = function () {

src/session/cookie-limit.js

@@ -0,0 +1,12 @@
+// -------------------------------------------------------------
+// WARNING: this file is used by both the client and the server.
+// Do not use any browser or node-specific API!
+// -------------------------------------------------------------
+/* eslint hammerhead/proto-methods: 2 */
+
+
+// NOTE: At least 4096 bytes per cookie (as measured by the sum of the length of the cookie's name,
+// value, and attributes). Specification https://tools.ietf.org/html/rfc6265#page-27 (GH-767)
+const BYTES_PER_COOKIE_LIMIT = 4096;
+
+export default BYTES_PER_COOKIE_LIMIT;

src/session/cookies.js

@@ -1,4 +1,5 @@
 import { CookieJar } from 'tough-cookie';
+import BYTES_PER_COOKIE_LIMIT from './cookie-limit';
 
 export default class Cookies {
     constructor () {
@@ -9,6 +10,9 @@ export default class Cookies {
         cookies = Array.isArray(cookies) ? cookies : [cookies];
 
         cookies.forEach(cookieStr => {
+            if (cookieStr.length > BYTES_PER_COOKIE_LIMIT)
+                return;
+
             this.cookieJar.setCookieSync(cookieStr, url, {
                 http:        !isClient,
                 ignoreError: true

test/client/fixtures/sandbox/cookie-test.js

@@ -63,7 +63,8 @@ test('get/set', function () {
         'Test6=HttpOnly; expires=Wed, 13-Jan-2021 22:23:01 GMT; path=/; HttpOnly',
         'Test7=Secure; expires=Wed, 13-Jan-2021 22:23:01 GMT; path=/; Secure',
         'Test8=Expired; expires=Wed, 13-Jan-1977 22:23:01 GMT; path=/',
-        'Test9=Duplicate; One=More; expires=Wed, 13-Jan-2021 22:23:01 GMT; path=/'
+        'Test9=Duplicate; One=More; expires=Wed, 13-Jan-2021 22:23:01 GMT; path=/',
+        'Test10=' + new Array(350).join('(big cookie)')
     ];
 
     for (var i = 0; i < cookieStrs.length; i++)

test/client/fixtures/sandbox/node/window-test.js

@@ -136,4 +136,5 @@ test('the constructor field of a function should return a wrapped Function objec
     };
 
     strictEqual(f.constructor, Function);
+    strictEqual(f.constructor.toString(), nativeMethods.Function.toString());
 });

test/server/proxy-test.js

@@ -84,6 +84,7 @@ describe('Proxy', function () {
             res.statusCode = 302;
 
             res.set('set-cookie', 'Test=value; Path=/cookie');
+            res.set('set-cookie', 'Test2=' + new Array(350).join('(big cookie)'));
             res.set('location', '/cookie/echo');
 
             res.end();