- Cookie#acceptable? is added, which is called by such methods as
Cookie.parse and CookieJar#add.
- Cookie#origin= no longer raises ArgumentError just because it
conflicts with the domain.
- Cookie#origin= raises ArgumentError if it is given an object that is
not URI or string-like.
I made the uri parameter optional when I introduced the origin
attribute, but on second thought it should always be given.
I'm making the origin parameter fixed and mandatory again, but this
time it comes next to set_cookie. This order should look more natural
because the one that comes first is to be parsed.
Since Mechanize::Cookie.parse required the uri parameter to be a URI
object, backward compatibility is still possible.
Now #expire returns created_at + max_age when expires is nil.
Cookie.parse: the :date keyword is renamed to :created_at, and the
value is set to in parsed cookies via #created_at.
In YAML serialization, #max_age is stored.
The new parser is almost RFC 6265 compliant as the previous
implementation but has some extensions:
- It can parse double-quoted values with unsafe characters inside
escaped with the backslash.
- It parses a date value of the expires attribute in the way the RFC
describes, with an exception that it allows omission of the seconds
field. Some of the broken date representations that used to pass
are now treated as error and ignored.
- It can parse a Set-Cookie value that contains multiple cookie
definitions separated by comma, and commas put inside double quotes
are not mistaken as definition separator.
Escaping with the backslash character is not mentioned in the RFC but
the backslash character is not allowed here anyway, so just be nice
and support it for legacy applications.
Change the signature of HTTP::Cookie.parse() so that it only
optionally takes an origin URI. When one is given, the method checks
if each piece of cookie in the header value is valid and acceptable
from the origin to ignore unacceptable cookies.
