Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split HTTP::Cookies.from_headers into separate methods for server/client #10486

Merged
merged 1 commit into from
Mar 10, 2021
Merged

Split HTTP::Cookies.from_headers into separate methods for server/client #10486

merged 1 commit into from
Mar 10, 2021

Conversation

straight-shoota
Copy link
Member

HTTP::Cookies.from_headers populates a Cookie collection from HTTP headers. It parses both Cookie and Set-Cookie headers, which seems odd. They are distinct features you really never want to use in combination (you can't have both in the same set of headers).
In practice it means HTTP::Client accepts cookies defined by Cookie header and HTTP::Server accepts cookies defined by Set-Cookie header. Both is very confusing and could even offer an opportunity for abuse by circumventing the correct header mechanincs.

This patch deprecates {fill_,}from_headers and replaces it with distinct {fill_,}from_client_headers and {fill_,}from_server_headers methods.

@straight-shoota straight-shoota changed the title Split HTTP::Cookies.from_headers int separate methods for server/client Split HTTP::Cookies.from_headers into separate methods for server/client Mar 9, 2021
@bcardiff bcardiff added this to the 1.0.0 milestone Mar 9, 2021
sdogruyol
sdogruyol approved these changes Mar 10, 2021
View reviewed changes
Copy link
Member

@sdogruyol sdogruyol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @straight-shoota 🙏

@sdogruyol sdogruyol merged commit 7d0f64b into crystal-lang:master Mar 10, 2021
@straight-shoota straight-shoota deleted the fix/cookies-parse-context branch March 10, 2021 11:30
@ernest4 ernest4 mentioned this pull request Mar 26, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcardiff bcardiff bcardiff approved these changes

@sdogruyol sdogruyol sdogruyol approved these changes

Assignees
No one assigned
Labels
breaking-change kind:bug topic:stdlib:networking
Projects
None yet
Milestone
1.0.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@straight-shoota @bcardiff @sdogruyol