Implement cookie expiration.

Only when a cookies domain, path, and name match the previous values should a cookie be cleared when expires is in the past.
cakephp · Jan 14, 2013 · a17e510 · a17e510
1 parent 4c3c1b2
commit a17e510
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 16 deletions.
diff --git a/lib/Cake/Network/Http/Cookies.php b/lib/Cake/Network/Http/Cookies.php
@@ -48,20 +48,23 @@ public function store(Response $response, $url) {
 
 		$cookies = $response->cookies();
 		foreach ($cookies as $name => $cookie) {
+			if (empty($cookie['domain'])) {
+				$cookie['domain'] = $host;
+			}
+			if (empty($cookie['path'])) {
+				$cookie['path'] = $path;
+			}
+			$key = implode(';', [$cookie['name'], $cookie['domain'], $cookie['path']]);
+
 			$expires = isset($cookie['expires']) ? $cookie['expires'] : false;
 			if ($expires) {
 				$expires = \DateTime::createFromFormat('D, j-M-Y H:i:s e', $expires);
 			}
 			if ($expires && $expires->getTimestamp() <= time()) {
+				unset($this->_cookies[$key]);
 				continue;
 			}
-			if (empty($cookie['domain'])) {
-				$cookie['domain'] = $host;
-			}
-			if (empty($cookie['path'])) {
-				$cookie['path'] = $path;
-			}
-			$this->_cookies[] = $cookie;
+			$this->_cookies[$key] = $cookie;
 		}
 	}
 
@@ -108,7 +111,7 @@ public function get($url) {
  * @return array
  */
 	public function getAll() {
-		return $this->_cookies;
+		return array_values($this->_cookies);
 	}
 
 }
diff --git a/lib/Cake/Test/TestCase/Network/Http/CookiesTest.php b/lib/Cake/Test/TestCase/Network/Http/CookiesTest.php
@@ -103,6 +103,61 @@ public function testStoreSecure() {
 		$this->assertEquals($expected, $result);
 	}
 
+/**
+ * test storing an expired cookie clears existing ones too.
+ *
+ * @return void
+ */
+	public function testStoreExpiring() {
+		$headers = [
+			'HTTP/1.0 200 Ok',
+			'Set-Cookie: first=1',
+			'Set-Cookie: second=2; Path=/',
+		];
+		$response = new Response($headers, '');
+		$this->cookies->store($response, 'http://example.com/some/path');
+
+		$result = $this->cookies->getAll();
+		$this->assertCount(2, $result);
+
+		$headers = [
+			'HTTP/1.0 200 Ok',
+			'Set-Cookie: first=1; Expires=Wed, 09-Jun-1999 10:18:14 GMT',
+		];
+		$response = new Response($headers, '');
+		$this->cookies->store($response, 'http://example.com/');
+		$result = $this->cookies->getAll();
+		$this->assertCount(2, $result, 'Path does not match, no expiration');
+
+		$headers = [
+			'HTTP/1.0 200 Ok',
+			'Set-Cookie: first=1; Domain=.foo.example.com; Expires=Wed, 09-Jun-1999 10:18:14 GMT',
+		];
+		$response = new Response($headers, '');
+		$this->cookies->store($response, 'http://example.com/some/path');
+		$result = $this->cookies->getAll();
+		$this->assertCount(2, $result, 'Domain does not match, no expiration');
+
+		$headers = [
+			'HTTP/1.0 200 Ok',
+			'Set-Cookie: first=1; Expires=Wed, 09-Jun-1999 10:18:14 GMT',
+		];
+		$response = new Response($headers, '');
+		$this->cookies->store($response, 'http://example.com/some/path');
+		$result = $this->cookies->getAll();
+		$this->assertCount(1, $result, 'Domain does not match, no expiration');
+
+		$expected = [
+			[
+				'name' => 'second',
+				'value' => '2',
+				'path' => '/',
+				'domain' => 'example.com'
+			],
+		];
+		$this->assertEquals($expected, $result);
+	}
+
 /**
  * test getting cookies with secure flags
  *
@@ -155,8 +210,10 @@ public function testGetMatchingPath() {
 
 /**
  * Test getting cookies matching on paths exactly
+ *
+ * @return void
  */
-	public function testGetMatchingDomainExact() {
+	public function testGetMatchingDomain() {
 		$headers = [
 			'HTTP/1.0 200 Ok',
 			'Set-Cookie: first=1; Domain=.example.com',
@@ -186,11 +243,4 @@ public function testGetMatchingDomainExact() {
 		$this->assertEquals($expected, $result);
 	}
 
-/**
- * Test getting cookies matching on paths
- */
-	public function testGetMatchingDomain() {
-	}
-
-
 }