HTTP::Cookie.parse() should not raise an exception if it finds a bad name or value.

lib/http/cookie.rb

@@ -281,7 +281,12 @@ class HTTP::Cookie
         Scanner.new(set_cookie, logger).scan_set_cookie { |name, value, attrs|
           break if name.nil? || name.empty?
 
-          cookie = new(name, value)
+          begin
+            cookie = new(name, value)
+          rescue => e
+            logger.warn("Invalid name or value: #{e}") if logger
+            next
+          end
           cookie.created_at = created_at if created_at
           attrs.each { |aname, avalue|
             begin

test/test_http_cookie.rb

@@ -126,6 +126,22 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal 0, HTTP::Cookie.parse(cookie, url).size
   end
 
+  def test_parse_bad_name
+    cookie = "a\001b=c"
+    url = URI.parse('http://www.example.com/')
+    assert_nothing_raised {
+      assert_equal 0, HTTP::Cookie.parse(cookie, url).size
+    }
+  end
+
+  def test_parse_bad_value
+    cookie = "a=b\001c"
+    url = URI.parse('http://www.example.com/')
+    assert_nothing_raised {
+      assert_equal 0, HTTP::Cookie.parse(cookie, url).size
+    }
+  end
+
   def test_parse_weird_cookie
     cookie = 'n/a, ASPSESSIONIDCSRRQDQR=FBLDGHPBNDJCPCGNCPAENELB; path=/'
     url = URI.parse('http://www.searchinnovation.com/')