sjs/http-cookie
1
0
Fork 0
mirror of https://github.com/samsonjs/http-cookie.git synced 2026-03-25 08:55:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
335 commits 1 branch 0 tags 450 KiB
Commit graph

224 commits

Author SHA1 Message Date
Akinori MUSHA
26034253b1 Elaborate on the hash storage model. 2013-03-28 19:13:02 +09:00
Akinori MUSHA
4f526857aa Store special cookies properly. 
"Special" cookies here mean those of public suffixes and IP addresses.
 2013-03-28 19:10:14 +09:00
Akinori MUSHA
91b5184d96 Hold session cookies in an internal HashStore. 2013-03-28 19:10:14 +09:00
Akinori MUSHA
11a9df8559 Fix handling of the :for_domain option in HTTP::Cookie.new(). 2013-03-28 01:46:42 +09:00
Akinori MUSHA
add4a367fd Include MonitorMixin in store classes and make them thread-safe. 2013-03-28 01:05:22 +09:00
Akinori MUSHA
30e2915c1e Officially add AbstractStore#delete() as an API method. 2013-03-28 01:04:45 +09:00
Akinori MUSHA
19901a9d9c Edit rdoc. 2013-03-28 00:37:35 +09:00
Akinori MUSHA
a3a1acfee2 Even a host that equals a public suffix may not issue domain wide cookies. 
This is described in RFC 6265 5.3.
 2013-03-28 00:36:01 +09:00
Akinori MUSHA
c787b0b9dc Bump VERSION to 1.0.0.pre6. 2013-03-28 00:16:51 +09:00
Akinori MUSHA
e72b0fdbc5 YAMLServer#load: Add backward compatibility for reading YAML in the old format. 2013-03-28 00:13:32 +09:00
Akinori MUSHA
073d83b40c Cookie.new: Let max_age take precedence over expires. 2013-03-28 00:12:46 +09:00
Akinori MUSHA
fcb447164d Prefer __send__ to send. 2013-03-28 00:12:29 +09:00
Akinori MUSHA
8aa9ed9e6c Bump VERSION to 1.0.0.pre5. 2013-03-27 21:17:07 +09:00
Akinori MUSHA
c53579c231 Bump VERSION to 1.0.0.pre4. 2013-03-27 19:52:14 +09:00
Akinori MUSHA
eed7e57813 Use the cookie creation time as base time for Max-Age. 
Now #expire returns created_at + max_age when expires is nil.

Cookie.parse: the :date keyword is renamed to :created_at, and the
value is set to in parsed cookies via #created_at.

In YAML serialization, #max_age is stored.
 2013-03-27 19:50:30 +09:00
Akinori MUSHA
4512c333b4 MozillaStore: Add #filename, #close and #closed?. 2013-03-27 19:50:27 +09:00
Akinori MUSHA
a7575ae3df Improve documentation. 2013-03-27 18:17:56 +09:00
Akinori MUSHA
a0ea64da56 CookieJar.new: Pass the store class via a :store keyword. 2013-03-27 17:43:58 +09:00
Akinori MUSHA
b58736957d Bump VERSION to 1.0.0.pre3. 2013-03-27 16:10:11 +09:00
Akinori MUSHA
6fade20c59 Make GC threshold user specifiable. 2013-03-27 16:10:05 +09:00
Akinori MUSHA
69b3186666 Add MozillaStore. 2013-03-27 16:01:48 +09:00
Akinori MUSHA
bea9b1b502 each, cleanup: Fix the base date for expiration when the method starts. 
This change is to remove an assumption that the clock is monotonic.
 2013-03-27 15:10:03 +09:00
Akinori MUSHA
299bb24550 add(): Stop deleting an existing cookie when storing an expired cookie. 
This is a backout of what I've done previously.  Expiration check is
better done in extraction where a user can optionally specify a base
date.

Add an internal method delete() to delete an existing cookie.
 2013-03-27 14:58:22 +09:00
Akinori MUSHA
bd3ae6c1ae CookiestxtSaver: Hide HttpOnly cookies from old browsers. 
This trick is the one that has been used in Mozilla before switching
the cookie database to SQLite.
 2013-03-26 15:37:50 +09:00
Akinori MUSHA
8b78e3d1e4 CookiestxtSaver: Prefix the domain field with a dot if the domain flag is on. 
The leading dot itself should be meaningless since there is the second
field to tell if the cookie is issued for a domain and that was the
reason I once removed it, but on second thought it doesn't hurt to put
one.
 2013-03-26 15:37:50 +09:00
Akinori MUSHA
f2ea366de2 Add HTTP::Cookie#dot_domain. 2013-03-26 01:48:27 +09:00
Akinori MUSHA
f5bc5032dd No need to check validity here any more. 2013-03-26 01:43:19 +09:00
Akinori MUSHA
51da5e4c50 Do not touch and yield a cookie that should not be sent. 2013-03-26 01:43:06 +09:00
Akinori MUSHA
30920cae9c Bump VERSION to 1.0.0.pre2. 2013-03-23 02:03:17 +09:00
Akinori MUSHA
5b78957e19 Conform to RFC 6265 5.1.4 in that path=/a matches /a/* but not /ab. 
Remove HTTP::Cookie.normalize_path and add HTTP::Cookie.path_match?
instead for comparison.
 2013-03-23 02:02:56 +09:00
Akinori MUSHA
6dda359db1 Improve rdoc. 2013-03-23 00:37:21 +09:00
Akinori MUSHA
38f7e98f09 Replace compatibility errors with documentation. 
Leave compatibility stuff to Mechanize itself and just keep
http-cookie clean.
 2013-03-23 00:27:38 +09:00
Akinori MUSHA
ba3ea4cd33 Bump the version number high up to 1.0.0.pre1. 2013-03-21 17:56:08 +09:00
Akinori MUSHA
96dabc8288 Add 1.8 compatibility. 2013-03-21 17:31:05 +09:00
Akinori MUSHA
c442e8e0c8 The compatibility method clear! does not need to take arguments. 2013-03-21 17:30:25 +09:00
Akinori MUSHA
ddf74fee1e Rewrite the Set-Cookie header parser entirely. 
The new parser is almost RFC 6265 compliant as the previous
implementation but has some extensions:

- It can parse double-quoted values with unsafe characters inside
  escaped with the backslash.

- It parses a date value of the expires attribute in the way the RFC
  describes, with an exception that it allows omission of the seconds
  field.  Some of the broken date representations that used to pass
  are now treated as error and ignored.

- It can parse a Set-Cookie value that contains multiple cookie
  definitions separated by comma, and commas put inside double quotes
  are not mistaken as definition separator.
 2013-03-21 15:52:22 +09:00
Akinori MUSHA
b11aa95025 Initialize secure and httponly with false instead of nil. 2013-03-21 15:49:44 +09:00
Akinori MUSHA
6b6944b324 Add inspect. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
66f37b20dd Rename expire to expire!, to reduce the risk of making a typo. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
f04714741f Add expires_at as alias for expires. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
ae0b3834e7 Make path= accept a string-like. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
59370c79c3 Improve rdoc markups, migrating to Markdown. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
5d0bc5f67d Disallow some more bad characters in name=/value=. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
cc6780a5bc A relative path must be treated as the root path as per RFC 6265 5.1.4. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
28eabedcd3 Use __send__() instead of send(). 2013-03-21 15:46:45 +09:00
Akinori MUSHA
b78271db6d Remove an obsolete part. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
f14c1786cd Make expires and max_age affect each other and drop session=(). 2013-03-21 15:46:45 +09:00
Akinori MUSHA
1c7b660c85 Improve comments. 2013-03-21 15:46:45 +09:00
Akinori MUSHA
7d81c10914 A cookie value may be DQUOTE'd as per RFC 6265 2.2. 
Escaping with the backslash character is not mentioned in the RFC but
the backslash character is not allowed here anyway, so just be nice
and support it for legacy applications.
 2013-03-21 15:46:45 +09:00
Akinori MUSHA
4532f190cc Avoid 1.9 syntax. 2013-03-18 01:05:03 +09:00
Akinori MUSHA
1eb25f4ab9 Bump VERSION to 0.1.5. 2013-03-18 00:53:14 +09:00
Akinori MUSHA
1a7c38e9e0 Apply minor code improvements. 2013-03-18 00:40:47 +09:00
Akinori MUSHA
c389a52e2c Drop dependency on WEBrick::HTTPUtils. 2013-03-18 00:09:01 +09:00
Akinori MUSHA
3e61ef78a2 Require 'uri'. 2013-03-17 23:56:58 +09:00
Akinori MUSHA
cbb25195d4 Bump VERSION to 0.1.4. 2013-03-15 19:25:16 +09:00
Akinori MUSHA
fc8ddebce0 Fix a terrible typo that kept YAMLServer from working. :( 2013-03-15 19:24:20 +09:00
Akinori MUSHA
c6d28de9b7 Improve documentation. 2013-03-15 19:22:39 +09:00
Akinori MUSHA
d2cb5ff69d Bump VERSION to 0.1.3. 2013-03-15 12:31:49 +09:00
Akinori MUSHA
15f960bfbd Reduce warnings. 2013-03-15 12:31:19 +09:00
Akinori MUSHA
4845b0de94 Trying to preload psych only on Ruby 1.9.2. 2013-03-15 12:29:54 +09:00
Akinori MUSHA
631608f82d Bump VERSION to 0.1.2. 2013-03-15 12:14:58 +09:00
Akinori MUSHA
59ddb58b25 1.8 compatibility; Use IndexError instead of KeyError. 2013-03-15 12:11:38 +09:00
Akinori MUSHA
05e5d332df These autoloads do not serve much. 2013-03-15 12:10:22 +09:00
Akinori MUSHA
236f3af719 Extend URI() globally. URI() is like everywhere by now. 2013-03-15 12:08:45 +09:00
Akinori MUSHA
a74db60721 Bump VERSION to 0.1.1. 2013-03-15 11:36:58 +09:00
Akinori MUSHA
8be03978a0 Make each(uri) not fail if a non-HTTP URL is given. 
Fix documents with #each.  The uri argument was not made a keyword
argument.

Guarantee that the +uri+ given to AbstractStore#each() is a URI
object.

Make HashStore#each return self as required.
 2013-03-15 11:33:54 +09:00
Akinori MUSHA
9d3975f641 A Store class should define empty?. 2013-03-15 11:27:02 +09:00
Akinori MUSHA
b86690cb21 Check if the scheme is http(s) and the host is non-nil in URI. 2013-03-15 11:21:57 +09:00
Akinori MUSHA
c2e0dbb96f Bump VERSION to 0.1.0. 2013-03-15 10:52:04 +09:00
Akinori MUSHA
5cebc4e56d Ignore incompatible YAML data. 2013-03-15 10:46:50 +09:00
Akinori MUSHA
c0d5f3a121 Add error messages to make migration from Mechanize::Cookie easier. 
Add a section to elaborate on the incompatibilities to README.md.
 2013-03-15 05:53:11 +09:00
Akinori MUSHA
8d8f01fa81 Cap the numbers of cookies per domain and cookies total, respectively. 
This is implemented in HashStore#cleanup(), which is automatically
called by #add() after every 150 updates.
 2013-03-15 04:20:59 +09:00
Akinori MUSHA
d004408296 Introduce an abstraction layer for the cookie store. 
CookieJar#jar is removed and #store is added instead.
 2013-03-15 04:20:59 +09:00
Akinori MUSHA
1f5eb6bc7f Introduce an abstraction layer for saving (serializing) CookieJar. 
CookieJar#save is the new name for the now obsolete #save_as.

CookieJar#save and #load now accept IO-like instead of a filename.

Change the YAML file format, and make #load discard incompatible data.
 2013-03-15 04:20:59 +09:00
Akinori MUSHA
fd7450717a Implement HTTP::CookieJar#empty? without an argument. 2013-03-15 04:20:59 +09:00
Akinori MUSHA
a831fc424c Add HTTP::Cookie#set_cookie_value, and alias #cookie_value to #to_s. 2013-03-15 04:20:59 +09:00
Akinori MUSHA
f60e678cb8 Do not store a cookie if it is already expired at the time of adding. 2013-03-15 04:20:59 +09:00
Akinori MUSHA
1fcf008cf0 Make HTTP::Cookie#expired? optionally take a time. 2013-03-15 04:20:59 +09:00
Akinori MUSHA
d8be652a92 Add HTTP::Cookie#expire. 2013-03-15 04:20:58 +09:00
Akinori MUSHA
91193dace3 Fix saving in the cookies.txt format. Expires values were broken. 
Remove duplicate and incomplete tests.
 2013-03-15 04:20:58 +09:00
Akinori MUSHA
84d375e3b7 Make HTTP::Cookie.parse() reject cookies longer than 4096 bytes. 
This limit is defined as HTTP::Cookie::MAX_LENGTH.
 2013-03-15 04:20:58 +09:00
Akinori MUSHA
10e9ca5c60 Add HTTP::Cookie#session? as an alias for #session. 2013-03-15 04:20:58 +09:00
Akinori MUSHA
9d842404e3 Fix <=> so that two cookies of different values are not equal. 2013-03-12 18:32:18 +09:00
Akinori MUSHA
7554bffb32 Allow passing a base time to HTTP::Cookie.parse() via :date. 2013-03-12 18:32:18 +09:00
Akinori MUSHA
6d8fb94f83 Add support for the HttpOnly attribute. 
New methods are added to HTTP::Cookie: httponly?, httponly=
 2013-03-12 18:32:18 +09:00
Akinori MUSHA
f79387080b Use Hash#clear rather than creating a new one. 2013-03-08 21:31:11 +09:00
Akinori MUSHA
5f21b364d3 Remove an unused variable to suppress warning. 2013-03-08 21:31:11 +09:00
Akinori MUSHA
b05008d996 Always initialize @origin to suppress warning. 2013-03-08 21:31:11 +09:00
Akinori MUSHA
3ec9dc3200 Reduce warnings from the interpreter. (method redefinition) 2013-03-08 21:31:11 +09:00
Mike Morearty
184fae797e Slight change to cookie-jar header 
Instead of "Netscape HTTP Cookie File", now writing "HTTP Cookie File".
Python's cookie code recognizes either one.
 2013-02-18 15:54:14 -08:00
Mike Morearty
0decfe98b7 Add header line when writing to cookies.txt 
When Python is reading a Netscape-format cookies.txt file, it seems to
require an initial line that looks like this:

    # Netscape HTTP Cookie File
 2013-02-17 18:23:32 -08:00
Akinori MUSHA
f4cd8ffb58 Hide load_yaml, renaming to require_yaml. 2012-10-22 15:14:19 +09:00
Akinori MUSHA
2a9476707c HTTP::CookieJar#load: Use File.open() instead of Kernel#open(). 2012-10-22 15:10:34 +09:00
Akinori MUSHA
7fa5b10df6 HTTP::CookieJar#each: Take an optional URL/URI which is used as a scope. 
Do not call cleanup in each or cookies.
 2012-10-22 15:08:08 +09:00
Akinori MUSHA
7c5ac21d0f HTTP::CookieJar#cleanup: Use delete_if. 2012-10-22 15:03:36 +09:00
Akinori MUSHA
b7254599bd Try not to expose @jar in normal methods. 2012-10-22 14:52:30 +09:00
Akinori MUSHA
c7247cf965 HTTP::CookieJar#empty?: Optimize. 2012-10-22 14:51:59 +09:00
Akinori MUSHA
1731b155e6 HTTP::CookieJar#add: Check if both the domain and path of the cookie are set. 2012-10-22 14:50:49 +09:00
Akinori MUSHA
82deac2f19 HTTP::Cookie#origin=: Acceptability check must be performed after setting the domain and path. 2012-10-22 14:50:13 +09:00
Akinori MUSHA
fa45e028a7 Treat an empty path as '/'. 
HTTP::CookieJar#cookies: Do not modify a given URI.  Remove a
redundant cleanup() call.
 2012-10-22 14:21:46 +09:00
Akinori MUSHA
24e9b26004 HTTP::CookieJar#add: Use the hostname of domain_name. 2012-10-22 12:59:08 +09:00
Akinori MUSHA
a47a849387 Define HTTP::Cookie#name= with validation. 2012-10-22 03:52:25 +09:00
Akinori MUSHA
e18013e25e Each record in cookies.txt must have seven columns at most. 2012-10-22 03:51:10 +09:00
Akinori MUSHA
c727d39076 Move cookies.txt parser and serializer from HTTP::CookieJar to HTTP::Cookie. 
Fix a bug where anything after '#' in cookies.txt are removed.
 2012-10-22 03:30:01 +09:00
Akinori MUSHA
95c702f99b Rename HTTP::CookieJar#add! to HTTP::CookieJar#add removing the original #add. 2012-10-22 02:39:20 +09:00
Akinori MUSHA
d2f31d90b5 HTTP::Cookie.new: Delay setting of origin. 2012-10-22 02:20:43 +09:00
Akinori MUSHA
ae4a9d8d40 Make HTTP::Cookie Comparable. 2012-10-22 01:02:00 +09:00
Akinori MUSHA
d59a0ee5ca Define a custom YAML encoder and decoder. 
Drop support for deserializing YAML made with Mechanize <2.1.
 2012-10-22 01:02:00 +09:00
Akinori MUSHA
aa64d3d98b Rename HTTP::Cookie#clear! to clear. 2012-10-21 23:48:57 +09:00
Akinori MUSHA
fe65dbfb89 Add HTTP::Cookie#domain_name. 2012-10-21 23:48:21 +09:00
Akinori MUSHA
232906e0c3 Remove obsolete instance variables. 2012-10-22 01:01:59 +09:00
Akinori MUSHA
39d6965ed9 Use String.try_convert if available. 2012-10-21 19:12:13 +09:00
Akinori MUSHA
dd3ca9a0f1 Inhibit a domain-less cookie from being used for checking validity. 2012-10-18 19:00:33 +09:00
Akinori MUSHA
c3e4fae60c Refer to the instance variable @domain instead of the accessor. 2012-10-18 18:59:37 +09:00
Akinori MUSHA
75f7ee6505 Make valid_for_uri? and acceptable_from_uri? accept a URL string also. 2012-10-18 18:57:46 +09:00
Akinori MUSHA
79ab0ffabf Oops, fix infinite recursive calls of URI(). 2012-10-18 18:40:39 +09:00
Akinori MUSHA
1a471513de Disallow changing the origin of a cookie once it is set. 2012-10-17 22:35:30 +09:00
Akinori MUSHA
532101a102 Introduce a new cookie object attribute "origin". 
Change the signature of HTTP::Cookie.parse() so that it only
optionally takes an origin URI.  When one is given, the method checks
if each piece of cookie in the header value is valid and acceptable
from the origin to ignore unacceptable cookies.
 2012-10-17 22:35:30 +09:00
Akinori MUSHA
a1e5e1628a Prepare for using URI(url_or_uri). 2012-10-17 22:35:28 +09:00
Akinori MUSHA
c23dafe8c3 Document that HTTP::Cookie.parse takes an optional block. 2012-10-17 22:35:08 +09:00
Akinori MUSHA
905cd2bc26 HTTP::Cookie.parse now returns an compacted array. 2012-10-17 22:34:29 +09:00
Akinori MUSHA
6110545ff9 Drop HTTP::Cookie#set_domain. 2012-10-17 22:30:07 +09:00
Akinori MUSHA
0cf86222f6 Booleanize the value if the key name is suffixed with a "?". 
Neglect the "!" suffix that is not suitable for an attribute name
while at it.
 2012-10-17 20:26:40 +09:00
Akinori MUSHA
060fc63c2a Import cookie related stuff from Mechanize. 2012-10-14 18:52:52 +09:00