sjs/http-cookie
1
0
Fork 0
mirror of https://github.com/samsonjs/http-cookie.git synced 2026-03-25 08:55:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
321 commits 1 branch 0 tags 450 KiB
Commit graph

120 commits

Author SHA1 Message Date
Mike Dalessio
554d38a863
test: get to passing on JRuby 
- update error message
- avoid race condition on cookie expiration
 2024-03-23 17:25:14 -04:00
Akinori Musha
94e2b85861
Merge pull request #42 from andrelaszlo/abstract_store_fix_error_formatting_bug 
Fix error formatting bug in HTTP::CookieJar::AbstractStore
 2023-11-13 23:02:13 +09:00
Akinori MUSHA
8930674adf Change the custom URI parser to be a bit more conservative 
First try the default URI(), and if it fails relax the restrictions on
the path component as a fallback.
 2023-11-02 01:48:31 +09:00
Christian Schmidt
052479536c Allow non-RFC 3986-compliant URLs 2023-10-12 18:34:07 +02:00
André Laszlo
e7f2eb26e1 Add unit test 2023-02-13 18:53:02 +01:00
Akinori MUSHA
d12449a983 Fix tests in the same way as the YAMLSaver implementation 2022-05-25 15:26:53 +09:00
Akinori MUSHA
28a7478d83 Improve tests with $LOADED_FEATURES 2021-06-07 16:05:23 +09:00
Akinori MUSHA
24b5d407d9 Merge pull request #10 from marxarelli/fix/host-only-cookie-domain-comparison 
Fix host-only cookies for unqualified hostnames
 2016-12-09 21:48:59 +09:00
Akinori MUSHA
7f94a9e5d9 Treat comma as normal character in HTTP::Cookie.cookie_value_to_hash 
As pointed out in CVE-2016-7401, treating comma in a Cookie header value
as separator may cause security problems.
 2016-09-30 19:20:39 +09:00
Dan Duvall
69154b11dd Fix host-only cookies for unqualified hostnames 
Removed comparison against `DomainName#cookie_domain?` during filtering
of jar cookies. It was redundant considering the later call to
`HTTP::Cookie#valid_for_url?` and prevented valid host-only cookies from
being considered for unqualified hostnames (e.g. "localhost").

RFC 6265 (5.4) does not restrict host-only cookies from being used with
such unqualified names as it does for cookies with the domain attribute
set.
 2015-09-02 12:57:11 -07:00
Akinori MUSHA
391ada20d0 HTTP::Cookie.parse() should not raise an exception if it finds a bad name or value. 2013-09-10 14:48:29 +09:00
Akinori MUSHA
40aba54618 Accept a class object where a symbol addressing a class is accepted. 
Convert IndexError to ArgumentError, and ArgumentError to TypeError as
appropriate.
 2013-04-21 20:35:17 +09:00
Akinori MUSHA
a0202e2192 Cookie#max_age= should not reset #expires when it fails. 2013-04-18 22:22:11 +09:00
Akinori MUSHA
4ef2147138 Fix $LOADED_FEATURES comparison with Ruby 1.8. 2013-04-16 21:56:29 +09:00
Akinori MUSHA
bafb83fc06 Let AbstractStore & AbstractSaver autoloaded and add tests for autoloading. 2013-04-16 16:49:27 +09:00
Akinori MUSHA
04950f6796 Cookie#new: Reject a mixed case symbol as keyword for simplicity. 
This fixes error with Ruby 1.8.
 2013-04-16 16:39:55 +09:00
Akinori MUSHA
20cb22bbb0 Increase GC threshold for shorter test time. 2013-04-16 10:21:52 +09:00
Akinori MUSHA
2bb7485460 Add tests for CookieJar#clone, #cleanup, expiration by #each and #empty?. 2013-04-16 15:05:00 +09:00
Akinori MUSHA
5bdb8f41ae Cookie#new prefers downcased symbols for keywords. 
Test warnings.
 2013-04-16 08:44:48 +09:00
Akinori MUSHA
8abf3483e8 Travis-CI keeps reporting SEGV in ruby 1.9.3p327, so disuse at_exit. 2013-04-16 02:20:54 +09:00
Akinori MUSHA
18dc77af9f Replace assert_send in at_exit with a simple message output. 2013-04-16 02:04:59 +09:00
Akinori MUSHA
b8170fb7e2 Increase the chance of having a finalizer called. 2013-04-16 01:52:59 +09:00
Akinori MUSHA
b02e800dfa Comment out unused/advisory bits to gain coverage. 2013-04-16 00:54:56 +09:00
Akinori MUSHA
ded02f8327 Make MozillaStore#close actually "work" by closing open statements. 
Add a finalizer to MozillaStore also, which automatically closes the
SQLite3 database.
 2013-04-16 00:04:54 +09:00
Akinori MUSHA
db58d2c8ab silently(): Use ensure. 2013-04-16 00:04:15 +09:00
Akinori MUSHA
e9230a00c1 Add tests for MozillaStore#upgrade_database and fix its bugs. 2013-04-16 00:03:03 +09:00
Akinori MUSHA
8e40fc3028 Test compatibility with a YAML file saved by Mechanize::Cookie. 2013-04-15 14:15:46 +09:00
Akinori MUSHA
d44218c2e2 Cookie#acceptable? should not raise ArgumentError when it takes no argument. 
Let CookieJar#add convert RuntimeError raised by acceptable? to
ArgumentError.
 2013-04-15 10:29:07 +09:00
Akinori MUSHA
28458101b6 HTTP::Cookie.set_cookie_value: Don't take an origin argument. 2013-04-15 08:54:09 +09:00
Akinori MUSHA
1a05bb4dd0 Add more tests. 2013-04-14 13:40:49 +09:00
Akinori MUSHA
028b77987c Gain more coverage. 2013-04-14 13:02:04 +09:00
Akinori MUSHA
655fc9eb56 Add tests for the constructor & store. 2013-04-14 12:19:11 +09:00
Akinori MUSHA
c9a8e29202 Fix a typo. 2013-04-14 12:19:10 +09:00
Akinori MUSHA
a1a130f156 CookieJar#parse: Use the block's return values to decide whether to add a cookie. 2013-04-14 12:10:28 +09:00
Akinori MUSHA
6fcc298b80 MozillaStore saves timestamps in seconds, so use a session cookie for testing. 2013-04-13 13:35:54 +09:00
Akinori MUSHA
9fec000a29 Slightly fix the timestamp tests. 2013-04-13 13:27:09 +09:00
Akinori MUSHA
17a3cbc970 Remove an unsupported keyword: session. 2013-04-13 12:57:13 +09:00
Akinori MUSHA
75267e8002 Use assert_send for comparison tests to see what is going on. 2013-04-12 23:18:06 +09:00
Akinori MUSHA
e1857d76a4 Add Cookie.cookie_value and Cookie.cookie_value_to_hash. 2013-04-12 02:15:13 +09:00
Akinori MUSHA
82e65b4a9b Allow assigning nil to the cookie value to make an expiration cookie. 
Cookie.new(): Make the value parameter can be omittable.
 2013-04-12 02:13:08 +09:00
Akinori MUSHA
917adc1abb Add a test for Cookie#accessed_at. 2013-04-12 01:25:04 +09:00
Akinori MUSHA
f3b8abdd8e Add CookieJar#delete(). 2013-04-12 01:19:39 +09:00
Akinori MUSHA
6689b3b7aa Drop support for obsolete attributes: version and comment. 2013-04-07 23:09:30 +09:00
Akinori MUSHA
9e46ce0d30 Cookie#max_age= should reject malformed strings. 2013-04-07 23:07:20 +09:00
Akinori MUSHA
f5f82c0304 Fix test_parse_bad_version and test_parse_bad_max_age. 2013-04-07 23:02:14 +09:00
Akinori MUSHA
7dba33bd40 Cookie#domain=: Fix handling of an empty string and let it accept nil. 2013-04-03 17:58:41 +09:00
Akinori MUSHA
ffabb614ad Perform acceptance check in CookieJar#add instead of origin=. 
- Cookie#acceptable? is added, which is called by such methods as
  Cookie.parse and CookieJar#add.

- Cookie#origin= no longer raises ArgumentError just because it
  conflicts with the domain.

- Cookie#origin= raises ArgumentError if it is given an object that is
  not URI or string-like.
 2013-04-03 17:57:27 +09:00
Akinori MUSHA
dc65a98907 HTTP::Cookie.parse: Change the signature again. 
I made the uri parameter optional when I introduced the origin
attribute, but on second thought it should always be given.

I'm making the origin parameter fixed and mandatory again, but this
time it comes next to set_cookie.  This order should look more natural
because the one that comes first is to be parsed.

Since Mechanize::Cookie.parse required the uri parameter to be a URI
object, backward compatibility is still possible.
 2013-03-29 01:39:30 +09:00
Akinori MUSHA
ef7bdeefba Cookie#cookie_value too should quote values if necessary. 2013-03-28 22:06:19 +09:00
Akinori MUSHA
2dc17ab7dc Better indentation while test is passing. 2013-03-28 19:24:05 +09:00