diff options
author | brainopia <ravwar@gmail.com> | 2010-12-09 18:38:52 +0300 |
---|---|---|
committer | Vijay Dev <vijaydev.cse@gmail.com> | 2010-12-16 01:49:30 +0530 |
commit | ebc47465a5865ab91dc7d058d2d8a0cc961510d7 (patch) | |
tree | eabe94ecf138ee60c7bd8398c4ac36904b3d7b10 | |
parent | 875bbd58b4175a1219c5f7615946d0b89e51182d (diff) | |
download | rails-ebc47465a5865ab91dc7d058d2d8a0cc961510d7.tar.gz rails-ebc47465a5865ab91dc7d058d2d8a0cc961510d7.tar.bz2 rails-ebc47465a5865ab91dc7d058d2d8a0cc961510d7.zip |
Fix edge cases for domain :all option on cookie store
Dont set explicit domain for cookies if host is not a domain name
[#6002 state:committed]
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 7 | ||||
-rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 21 |
2 files changed, 26 insertions, 2 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index b0a4e3d949..f369d2d3c2 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -131,8 +131,11 @@ module ActionDispatch options[:path] ||= "/" if options[:domain] == :all - @host =~ DOMAIN_REGEXP - options[:domain] = ".#{$1}.#{$2}" + # if host is not ip and matches domain regexp + # (ip confirms to domain regexp so we explicitly check for ip) + options[:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ DOMAIN_REGEXP) + ".#{$1}.#{$2}" + end end end diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index 5ec7f12cc1..e2040401c7 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -295,6 +295,27 @@ class CookiesTest < ActionController::TestCase assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" end + def test_cookie_with_all_domain_option_using_localhost + @request.host = "localhost" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + + def test_cookie_with_all_domain_option_using_ipv4_address + @request.host = "192.168.1.1" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + + def test_cookie_with_all_domain_option_using_ipv6_address + @request.host = "2001:0db8:85a3:0000:0000:8a2e:0370:7334" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + def test_deleting_cookie_with_all_domain_option get :delete_cookie_with_domain assert_response :success |