From 2dbceab3612713eef239a40467de9948ca621856 Mon Sep 17 00:00:00 2001
From: Michael Koziarski <michael@koziarski.com>
Date: Sun, 10 Feb 2008 01:13:33 +0000
Subject: [PATCH] Don't split cookies on comma also. References r8505.

git-svn-id: http://svn-commit.rubyonrails.org/rails/branches/2-0-stable@8843 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 actionpack/lib/action_controller/cgi_ext/cookie.rb | 2 +-
 actionpack/test/controller/cgi_test.rb             | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/actionpack/lib/action_controller/cgi_ext/cookie.rb b/actionpack/lib/action_controller/cgi_ext/cookie.rb
index 07d2f08d5a412..c7ea1b64438ef 100644
--- a/actionpack/lib/action_controller/cgi_ext/cookie.rb
+++ b/actionpack/lib/action_controller/cgi_ext/cookie.rb
@@ -89,7 +89,7 @@ def self.parse(raw_cookie)
       cookies = Hash.new([])
 
       if raw_cookie
-        raw_cookie.split(/[;,]\s?/).each do |pairs|
+        raw_cookie.split(/;\s?/).each do |pairs|
           name, values = pairs.split('=',2)
           next unless name and values
           name = CGI::unescape(name)
diff --git a/actionpack/test/controller/cgi_test.rb b/actionpack/test/controller/cgi_test.rb
index 021781df98b43..5e7429f9013a8 100755
--- a/actionpack/test/controller/cgi_test.rb
+++ b/actionpack/test/controller/cgi_test.rb
@@ -4,8 +4,9 @@
 class BaseCgiTest < Test::Unit::TestCase
   def setup
     @request_hash = {"HTTP_MAX_FORWARDS"=>"10", "SERVER_NAME"=>"glu.ttono.us:8007", "FCGI_ROLE"=>"RESPONDER", "HTTP_X_FORWARDED_HOST"=>"glu.ttono.us", "HTTP_ACCEPT_ENCODING"=>"gzip, deflate", "HTTP_USER_AGENT"=>"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/312.5.1 (KHTML, like Gecko) Safari/312.3.1", "PATH_INFO"=>"", "HTTP_ACCEPT_LANGUAGE"=>"en", "HTTP_HOST"=>"glu.ttono.us:8007", "SERVER_PROTOCOL"=>"HTTP/1.1", "REDIRECT_URI"=>"/dispatch.fcgi", "SCRIPT_NAME"=>"/dispatch.fcgi", "SERVER_ADDR"=>"207.7.108.53", "REMOTE_ADDR"=>"207.7.108.53", "SERVER_SOFTWARE"=>"lighttpd/1.4.5", "HTTP_COOKIE"=>"_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes", "HTTP_X_FORWARDED_SERVER"=>"glu.ttono.us", "REQUEST_URI"=>"/admin", "DOCUMENT_ROOT"=>"/home/kevinc/sites/typo/public", "SERVER_PORT"=>"8007", "QUERY_STRING"=>"", "REMOTE_PORT"=>"63137", "GATEWAY_INTERFACE"=>"CGI/1.1", "HTTP_X_FORWARDED_FOR"=>"65.88.180.234", "HTTP_ACCEPT"=>"*/*", "SCRIPT_FILENAME"=>"/home/kevinc/sites/typo/public/dispatch.fcgi", "REDIRECT_STATUS"=>"200", "REQUEST_METHOD"=>"GET"}
-    # cookie as returned by some Nokia phone browsers (no space after semicolon separator)
-    @alt_cookie_fmt_request_hash = {"HTTP_COOKIE"=>"_session_id=c84ace84796670c052c6ceb2451fb0f2;is_admin=yes"}
+    # some Nokia phone browsers omit the space after the semicolon separator.
+    # some developers have grown accustomed to using comma in cookie values.
+    @alt_cookie_fmt_request_hash = {"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"}
     @fake_cgi = Struct.new(:env_table).new(@request_hash)
     @request = ActionController::CgiRequest.new(@fake_cgi)
   end
@@ -76,7 +77,7 @@ def test_cookie_syntax_resilience
     assert_equal ["yes"], cookies["is_admin"], cookies.inspect
 
     alt_cookies = CGI::Cookie::parse(@alt_cookie_fmt_request_hash["HTTP_COOKIE"]);
-    assert_equal ["c84ace84796670c052c6ceb2451fb0f2"], alt_cookies["_session_id"], alt_cookies.inspect
+    assert_equal ["c84ace847,96670c052c6ceb2451fb0f2"], alt_cookies["_session_id"], alt_cookies.inspect
     assert_equal ["yes"], alt_cookies["is_admin"], alt_cookies.inspect
   end
 end