From fa45e028a753829c743d31a11dc700277f64834c Mon Sep 17 00:00:00 2001
From: Akinori MUSHA <knu@idaemons.org>
Date: Mon, 22 Oct 2012 13:08:28 +0900
Subject: [PATCH] Treat an empty path as '/'.

HTTP::CookieJar#cookies: Do not modify a given URI.  Remove a
redundant cleanup() call.
---
 lib/http/cookie.rb       | 20 ++++++++++++++++++--
 lib/http/cookie_jar.rb   |  3 ---
 test/test_http_cookie.rb |  3 +++
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/lib/http/cookie.rb b/lib/http/cookie.rb
index f3ba8c7..517b998 100644
--- a/lib/http/cookie.rb
+++ b/lib/http/cookie.rb
@@ -287,6 +287,22 @@ class HTTP::Cookie
     @domain = @domain_name.hostname
   end
 
+  def normalize_uri_path(uri)
+    # Currently does not replace // to /
+    uri.path.empty? ? uri + '/' : uri
+  end
+  private :normalize_uri_path
+
+  def normalize_path(path)
+    # Currently does not replace // to /
+    path.empty? ? '/' : path
+  end
+  private :normalize_path
+
+  def path=(path)
+    @path = normalize_path(path)
+  end
+
   def origin=(origin)
     @origin.nil? or
       raise ArgumentError, "origin cannot be changed once it is set"
@@ -294,7 +310,7 @@ class HTTP::Cookie
     acceptable_from_uri?(origin) or
       raise ArgumentError, "unacceptable cookie sent from URI #{origin}"
     self.domain ||= origin.host
-    self.path   ||= (origin + './').path
+    self.path   ||= (normalize_uri_path(origin) + './').path
     @origin = origin
   end
 
@@ -337,7 +353,7 @@ class HTTP::Cookie
       raise "cannot tell if this cookie is valid because the domain is unknown"
     end
     return false if secure? && uri.scheme != 'https'
-    acceptable_from_uri?(uri) && uri.path.start_with?(@path)
+    acceptable_from_uri?(uri) && normalize_path(uri.path).start_with?(@path)
   end
 
   def to_s
diff --git a/lib/http/cookie_jar.rb b/lib/http/cookie_jar.rb
index 357f507..0889c07 100644
--- a/lib/http/cookie_jar.rb
+++ b/lib/http/cookie_jar.rb
@@ -33,10 +33,7 @@ class HTTP::CookieJar
 
   # Fetch the cookies that should be used for the URI object passed in.
   def cookies(url)
-    cleanup
-    url.path = '/' if url.path.empty?
     now = Time.now
-
     select { |cookie|
       !cookie.expired? && cookie.valid_for_uri?(url) && (cookie.accessed_at = now)
     }.sort
diff --git a/test/test_http_cookie.rb b/test/test_http_cookie.rb
index e497067..f6ed311 100644
--- a/test/test_http_cookie.rb
+++ b/test/test_http_cookie.rb
@@ -607,6 +607,9 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal false, cookie.valid_for_uri?(URI('http://example.com/dir/test.html'))
     assert_equal false, cookie.valid_for_uri?(URI('https://example.com/dir2/test.html'))
     assert_equal false, cookie.valid_for_uri?(URI('http://example.com/dir2/test.html'))
+
+    cookie = HTTP::Cookie.parse('a=b', :origin => URI('https://example.com/')).first
+    assert_equal true,  cookie.valid_for_uri?(URI('https://example.com'))
   end
 end