Skip to content
Permalink
Browse files

Fix cookies case sensitive

  • Loading branch information...
e5l committed Oct 15, 2018
1 parent c34bb08 commit 320eddbdc94aacb896907e79d3a51ff269f7325f
@@ -24,14 +24,14 @@ suspend fun CookiesStorage.addCookie(urlString: String, cookie: Cookie) {
internal fun Cookie.matches(requestUrl: Url): Boolean {
val domain = domain?.toLowerCase()?.trimStart('.') ?: error("Domain field should have the default value")
val path = with(path) {
val current = path?.toLowerCase() ?: error("Path field should have the default value")
if (current.endsWith("/")) current else "$path/"
val current = path ?: error("Path field should have the default value")
if (current.endsWith('/')) current else "$path/"
}

val host = requestUrl.host.toLowerCase()
val requestPath = let {
val pathInRequest = requestUrl.encodedPath.toLowerCase()
if (pathInRequest.endsWith("/")) pathInRequest else "$pathInRequest/"
val pathInRequest = requestUrl.encodedPath
if (pathInRequest.endsWith('/')) pathInRequest else "$pathInRequest/"
}

if (host != domain && (hostIsIp(host) || !host.endsWith(".$domain"))) return false
@@ -1,5 +1,6 @@
package io.ktor.client.tests

import io.ktor.application.*
import io.ktor.client.*
import io.ktor.client.engine.*
import io.ktor.client.features.cookies.*
@@ -61,6 +62,16 @@ abstract class CookiesTest(private val factory: HttpClientEngineFactory<*>) : Te
context.respond(HttpStatusCode.BadRequest)
}
}
get("/foo") {
val cookie = Cookie("foo", "bar")
context.response.cookies.append(cookie)

call.respond("OK")
}
get("/FOO") {
assertTrue(call.request.cookies.rawCookies.isEmpty())
call.respond("OK")
}
}
}

@@ -166,6 +177,22 @@ abstract class CookiesTest(private val factory: HttpClientEngineFactory<*>) : Te
}
}

@Test
fun caseSensitive() = clientTest(factory) {
config {
install(HttpCookies)
}

test { client ->
try {
client.get<Unit>(port = serverPort, path = "/foo")
client.get<Unit>(port = serverPort, path = "/FOO")
} catch (cause: Throwable) {
throw cause
}
}
}

@Test
@Ignore
fun multipleClients() = runBlocking {

0 comments on commit 320eddb

Please sign in to comment.
You can’t perform that action at this time.