Implement cookie sanitation

.eslintrc

@@ -8,6 +8,7 @@
   "globals": {
     "Address": true,
     "files": true,
+    "Header": true,
     "helpers": true,
     "interceptor": true,
     "mappings": true,

core/constants.js

@@ -27,6 +27,12 @@ const Address = {
     'WWW_PREFIX': 'www.'
 };
 
+const Header = {
+    'COOKIE': 'Cookie',
+    'ORIGIN': 'Origin',
+    'REFERER': 'Referer'
+};
+
 const Resource = {
     'MAPPING_EXPRESSION': /\.map$/i,
     'VERSION_EXPRESSION': /(?:\d{1,2}\.){1,3}\d{1,2}/,
@@ -46,9 +52,7 @@ const Setting = {
 const WebRequest = {
     'GET': 'GET',
     'BLOCKING': 'blocking',
-    'HEADERS': 'requestHeaders',
-    'ORIGIN_HEADER': 'Origin',
-    'REFERER_HEADER': 'Referer'
+    'HEADERS': 'requestHeaders'
 };
 
 const Whitelist = {

core/request-sanitizer.js

@@ -47,11 +47,11 @@ requestSanitizer.disable = function () {
 
 requestSanitizer._stripMetadata = function (requestDetails) {
 
+    let sensitiveHeaders = [Header.COOKIE, Header.ORIGIN, Header.REFERER];
+
     for (let i = 0; i < requestDetails.requestHeaders.length; ++i) {
 
-        if (requestDetails.requestHeaders[i].name === WebRequest.ORIGIN_HEADER) {
-            requestDetails.requestHeaders.splice(i--, 1);
-        } else if (requestDetails.requestHeaders[i].name === WebRequest.REFERER_HEADER) {
+        if (sensitiveHeaders.indexOf(requestDetails.requestHeaders[i].name) > -1) {
             requestDetails.requestHeaders.splice(i--, 1);
         }
     }