search

dwaite / cookiejar

Manage client-side HTTP cookies in Ruby
BSD 2-Clause "Simplified" License
42 stars 69 forks source link

Comma-separated cookies not supported? (RFC 2109) #4

Closed bluemont closed 10 years ago

bluemont commented 12 years ago

CookieJar's goal is to parse RFC 2109 cookies, right?

According to RFC 2109: HTTP State Management Mechanism:

Informally, the Set-Cookie response header comprises the token Set-Cookie:, followed by a comma-separated list of one or more cookies. Each cookie begins with a NAME=VALUE pair, followed by zero or more semi-colon-separated attribute-value pairs.

I haven't found an API method in cookiejar that handles comma-separated cookies. I tried set_cookie and that failed.

Unless I misunderstood the cookie spec and/or overlooked something in the code, this is a bug. I didn't see any tests checking for multiple cookies.

Hopefully easy to fix, though!

bluemont commented 12 years ago

Mechanize splits cookies like this, more or less:

def parse_cookies(cookie_string)
  cookie_string.split(/,(?=[^;,]*=)|,$/).map { |c| parse_cookie (c) }
end

def parse_cookie(string)
  # ...
end

Would you be amenable to adding something along these lines? This happens with real world cookies.

MikeMcQuaid commented 10 years ago

Pretty sure this was fixed by https://github.com/dwaite/cookiejar/pull/2, no?

dwaite commented 10 years ago

Let me know if this was not fixed by #2