From 7d81c10914a5115eca1afcc894887d36e2c42df6 Mon Sep 17 00:00:00 2001
From: Akinori MUSHA <knu@idaemons.org>
Date: Tue, 19 Mar 2013 20:35:56 +0900
Subject: [PATCH] A cookie value may be DQUOTE'd as per RFC 6265 2.2.

Escaping with the backslash character is not mentioned in the RFC but
the backslash character is not allowed here anyway, so just be nice
and support it for legacy applications.
---
 lib/http/cookie.rb       | 6 ++++++
 test/test_http_cookie.rb | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/http/cookie.rb b/lib/http/cookie.rb
index 73030bf..f2ffbe9 100644
--- a/lib/http/cookie.rb
+++ b/lib/http/cookie.rb
@@ -190,6 +190,12 @@ class HTTP::Cookie
           first_elem, *cookie_elem = c.split(/;+/)
           first_elem.strip!
           key, value = first_elem.split(/\=/, 2)
+          # RFC 6265 2.2
+          # A cookie-value may be DQUOTE'd.
+          case value
+          when /\A"(.*)"\z/
+            value = $1.gsub(/\\(.)/, "\\1")
+          end
 
           begin
             cookie = new(key, value.dup)
diff --git a/test/test_http_cookie.rb b/test/test_http_cookie.rb
index c5f7466..f1381e2 100644
--- a/test/test_http_cookie.rb
+++ b/test/test_http_cookie.rb
@@ -101,7 +101,7 @@ class TestHTTPCookie < Test::Unit::TestCase
 
     assert_equal 1, HTTP::Cookie.parse(cookie_str, :origin => uri) { |cookie|
       assert_equal 'quoted', cookie.name
-      assert_equal '"value"', cookie.value
+      assert_equal 'value', cookie.value
       assert_equal 'comment is "comment"', cookie.comment
     }.size
   end