-
Notifications
You must be signed in to change notification settings - Fork 1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Define default value for Cookie Max-Age (#10775)
The Cookie interface is updated with a constant value to represent an undefined Max-Age, and its JavaDocs are updated to explicitly state that the undefined value should not be encoded. The CookieHttpCookieAdapter implementation is updated to explicitly set the required undefined max age value in its constructor. The new constant is consistent with the behavior of the Netty Cookie implementation, and is meant to enforce consistency between it and the HttpCookie based implementation, if only by explicitly stating the intended contract. The CookieFactory service definition is removed from the http module as HttpCookieFactory already gets loaded by default (if no other service definitions are loaded) via CookieFactory.INSTANCE. This allows other explicit services definitions such as that in http-netty to reliably override the default implementation. Tests are added to verify the undefined max age value in both implementations, and to ensure that NettyServerCookieEncoder can correctly encode a Cookie created by the default HttpCookieFactory. * test: DefaultServerCookieEncoder encoding test * Only set if -1
- Loading branch information
1 parent
87a1dbc
commit 585c99b
Showing
7 changed files
with
112 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 0 additions & 1 deletion
1
http/src/main/resources/META-INF/services/io.micronaut.http.cookie.CookieFactory
This file was deleted.
Oops, something went wrong.
54 changes: 54 additions & 0 deletions
54
http/src/test/groovy/io/micronaut/http/cookie/DefaultServerCookieEncoderSpec.groovy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package io.micronaut.http.cookie | ||
|
||
import spock.lang.Specification | ||
|
||
import java.time.LocalDateTime | ||
import java.time.ZoneId | ||
import java.time.ZonedDateTime | ||
import java.time.format.DateTimeFormatter | ||
|
||
class DefaultServerCookieEncoderSpec extends Specification { | ||
|
||
void "DefaultServerCookieEncoder can correctly encode a cookie from HttpCookieFactory"() { | ||
given: | ||
HttpCookieFactory factory = new HttpCookieFactory(); | ||
ServerCookieEncoder cookieEncoder = new DefaultServerCookieEncoder() | ||
|
||
when: | ||
Cookie cookie = factory.create("SID", "31d4d96e407aad42").path("/").domain("example.com") | ||
|
||
then: | ||
"SID=31d4d96e407aad42; Path=/; Domain=example.com" == cookieEncoder.encode(cookie)[0] | ||
|
||
when: | ||
cookie = factory.create("SID", "31d4d96e407aad42").path("/").domain("example.com").sameSite(SameSite.Strict) | ||
|
||
then: | ||
"SID=31d4d96e407aad42; Path=/; Domain=example.com; SameSite=Strict" == cookieEncoder.encode(cookie)[0] | ||
|
||
when: | ||
cookie = factory.create("SID", "31d4d96e407aad42").path("/").secure().httpOnly() | ||
|
||
then: 'Netty uses HTTPOnly instead of HttpOnly' | ||
"SID=31d4d96e407aad42; Path=/; Secure; HttpOnly" == cookieEncoder.encode(cookie)[0] | ||
|
||
when: | ||
long maxAge = 2592000 | ||
cookie = factory.create("id", "a3fWa").maxAge(maxAge) | ||
String result = cookieEncoder.encode(cookie).get(0) | ||
String expected = "id=a3fWa; Max-Age=2592000; " + Cookie.ATTRIBUTE_EXPIRES + "=" + expires(maxAge) | ||
String expected2 = "id=a3fWa; Max-Age=2592000; " + Cookie.ATTRIBUTE_EXPIRES + "=" + expires(maxAge + 1) // To prevent flakiness | ||
String expected3 = "id=a3fWa; Max-Age=2592000; " + Cookie.ATTRIBUTE_EXPIRES + "=" + expires(maxAge - 1) // To prevent flakiness | ||
|
||
then: | ||
expected == result || expected2 == result || expected3 == result | ||
} | ||
|
||
private static String expires(Long maxAgeSeconds) { | ||
ZoneId gmtZone = ZoneId.of("GMT") | ||
LocalDateTime localDateTime = LocalDateTime.now(gmtZone).plusSeconds(maxAgeSeconds) | ||
ZonedDateTime gmtDateTime = ZonedDateTime.of(localDateTime, gmtZone) | ||
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("EEE, dd MMM yyyy HH:mm:ss 'GMT'") | ||
gmtDateTime.format(formatter) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters