diff options
author | Jeremy Kemper <jeremy@bitsweat.net> | 2008-02-02 02:55:44 +0000 |
---|---|---|
committer | Jeremy Kemper <jeremy@bitsweat.net> | 2008-02-02 02:55:44 +0000 |
commit | b84a33ddd1f3c309a0bf13f487c7729eb6adccaa (patch) | |
tree | 682ca607868b79e256cd65d0c72e781224ea2834 /actionpack | |
parent | 7527447ba178d9862b6782c7752d669e8bd32f85 (diff) | |
download | rails-b84a33ddd1f3c309a0bf13f487c7729eb6adccaa.tar.gz rails-b84a33ddd1f3c309a0bf13f487c7729eb6adccaa.tar.bz2 rails-b84a33ddd1f3c309a0bf13f487c7729eb6adccaa.zip |
Don't split cookies on comma also. References r8505.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8773 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/lib/action_controller/cgi_ext/cookie.rb | 2 | ||||
-rwxr-xr-x | actionpack/test/controller/cgi_test.rb | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/actionpack/lib/action_controller/cgi_ext/cookie.rb b/actionpack/lib/action_controller/cgi_ext/cookie.rb index 07d2f08d5a..c7ea1b6443 100644 --- a/actionpack/lib/action_controller/cgi_ext/cookie.rb +++ b/actionpack/lib/action_controller/cgi_ext/cookie.rb @@ -89,7 +89,7 @@ class CGI #:nodoc: cookies = Hash.new([]) if raw_cookie - raw_cookie.split(/[;,]\s?/).each do |pairs| + raw_cookie.split(/;\s?/).each do |pairs| name, values = pairs.split('=',2) next unless name and values name = CGI::unescape(name) diff --git a/actionpack/test/controller/cgi_test.rb b/actionpack/test/controller/cgi_test.rb index c0bb028d29..87f72fda77 100755 --- a/actionpack/test/controller/cgi_test.rb +++ b/actionpack/test/controller/cgi_test.rb @@ -4,8 +4,9 @@ require 'action_controller/cgi_process' class BaseCgiTest < Test::Unit::TestCase def setup @request_hash = {"HTTP_MAX_FORWARDS"=>"10", "SERVER_NAME"=>"glu.ttono.us:8007", "FCGI_ROLE"=>"RESPONDER", "HTTP_X_FORWARDED_HOST"=>"glu.ttono.us", "HTTP_ACCEPT_ENCODING"=>"gzip, deflate", "HTTP_USER_AGENT"=>"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/312.5.1 (KHTML, like Gecko) Safari/312.3.1", "PATH_INFO"=>"", "HTTP_ACCEPT_LANGUAGE"=>"en", "HTTP_HOST"=>"glu.ttono.us:8007", "SERVER_PROTOCOL"=>"HTTP/1.1", "REDIRECT_URI"=>"/dispatch.fcgi", "SCRIPT_NAME"=>"/dispatch.fcgi", "SERVER_ADDR"=>"207.7.108.53", "REMOTE_ADDR"=>"207.7.108.53", "SERVER_SOFTWARE"=>"lighttpd/1.4.5", "HTTP_COOKIE"=>"_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes", "HTTP_X_FORWARDED_SERVER"=>"glu.ttono.us", "REQUEST_URI"=>"/admin", "DOCUMENT_ROOT"=>"/home/kevinc/sites/typo/public", "SERVER_PORT"=>"8007", "QUERY_STRING"=>"", "REMOTE_PORT"=>"63137", "GATEWAY_INTERFACE"=>"CGI/1.1", "HTTP_X_FORWARDED_FOR"=>"65.88.180.234", "HTTP_ACCEPT"=>"*/*", "SCRIPT_FILENAME"=>"/home/kevinc/sites/typo/public/dispatch.fcgi", "REDIRECT_STATUS"=>"200", "REQUEST_METHOD"=>"GET"} - # cookie as returned by some Nokia phone browsers (no space after semicolon separator) - @alt_cookie_fmt_request_hash = {"HTTP_COOKIE"=>"_session_id=c84ace84796670c052c6ceb2451fb0f2;is_admin=yes"} + # some Nokia phone browsers omit the space after the semicolon separator. + # some developers have grown accustomed to using comma in cookie values. + @alt_cookie_fmt_request_hash = {"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"} @fake_cgi = Struct.new(:env_table).new(@request_hash) @request = ActionController::CgiRequest.new(@fake_cgi) end @@ -76,7 +77,7 @@ class CgiRequestTest < BaseCgiTest assert_equal ["yes"], cookies["is_admin"], cookies.inspect alt_cookies = CGI::Cookie::parse(@alt_cookie_fmt_request_hash["HTTP_COOKIE"]); - assert_equal ["c84ace84796670c052c6ceb2451fb0f2"], alt_cookies["_session_id"], alt_cookies.inspect + assert_equal ["c84ace847,96670c052c6ceb2451fb0f2"], alt_cookies["_session_id"], alt_cookies.inspect assert_equal ["yes"], alt_cookies["is_admin"], alt_cookies.inspect end end |