Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Cookie names do not respect case #71

Closed
Firehed opened this Issue · 1 comment

2 participants

Firehed Assaf Arkin
Firehed

If the server sends a cookie with an uppercase name (ex. PHP's default session cookie, PHPSESSID), Zombie sends that cookie back to the server with a lowercased name on subsequent requests, which may cause the server to ignore it.

console.log(browser.lastResponse.headers):
{ server: 'nginx/0.7.67'
, date: 'Sun, 30 Jan 2011 22:33:21 GMT'
, 'content-type': 'text/html; charset=UTF-8'
, 'transfer-encoding': 'chunked'
, connection: 'close'
, vary: 'Accept-Encoding'
, 'set-cookie': 'PHPSESSID=hr1o146trejdk09tlb2pnuavd4; path=/; domain=zombie-test.com'
, expires: 'Thu, 19 Nov 1981 08:52:00 GMT'
, 'cache-control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0'
, pragma: 'no-cache'
}
console.log(browser.document.cookie):
phpsessid=hr1o146trejdk09tlb2pnuavd4
The above value (lowercased key) is mirrored at the server on subsequent requests.

This is my first time trying to submit a patch to github so hopefully it works :) I just skimmed the cookie RFC and it doesn't look like any case mangling should occur.

From 18dacaa9e5f85c6f6ea9ea52fa5e9462e79c66f7 Mon Sep 17 00:00:00 2001
From: Eric Stern <firehed@gmail.com>
Date: Sun, 30 Jan 2011 14:49:57 -0800
Subject: [PATCH] Correct issue where cookie names did not respect case

---
 src/zombie/cookies.coffee |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/src/zombie/cookies.coffee b/src/zombie/cookies.coffee
index def8c0f..2f4a410 100644
--- a/src/zombie/cookies.coffee
+++ b/src/zombie/cookies.coffee
@@ -66,7 +66,6 @@ class Cookies
     this.set = (name, value, options = {})->
       return if options.domain && !domainMatch(options.domain, hostname)

-      name = name.toLowerCase()
       state = { value: value.toString() }
       if options.expires
         state.expires = options.expires.getTime()
-- 
1.7.1
Assaf Arkin
Owner

Thanks, fixed in head.

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.