Permalink
Browse files

Add HTTPOnly cookie support

  • Loading branch information...
1 parent 5cb1dab commit 095989eee0facefe6d2ed0e578d42dc6975eb9e3 Nick Brosnahan committed Mar 12, 2011
Showing with 30 additions and 4 deletions.
  1. +16 −4 lib/httpclient/cookie.rb
  2. +14 −0 test/test_cookie.rb
@@ -60,7 +60,7 @@ class Cookie
attr_accessor :domain, :path
attr_accessor :expires ## for Netscape Cookie
attr_accessor :url
- attr_writer :use, :secure, :discard, :domain_orig, :path_orig, :override
+ attr_writer :use, :secure, :http_only, :discard, :domain_orig, :path_orig, :override
USE = 1
SECURE = 2
@@ -69,12 +69,13 @@ class Cookie
DISCARD = 16
OVERRIDE = 32
OVERRIDE_OK = 32
+ HTTP_ONLY = 64
def initialize()
@name = @value = @domain = @path = nil
@expires = nil
@url = nil
- @use = @secure = @discard = @domain_orig = @path_orig = @override = nil
+ @use = @secure = @http_only = @discard = @domain_orig = @path_orig = @override = nil
end
def discard?
@@ -89,6 +90,10 @@ def secure?
@secure
end
+ def http_only?
+ @http_only
+ end
+
def domain_orig?
@domain_orig
end
@@ -105,6 +110,7 @@ def flag
flg = 0
flg += USE if @use
flg += SECURE if @secure
+ flg += HTTP_ONLY if @http_only
flg += DOMAIN if @domain_orig
flg += PATH if @path_orig
flg += DISCARD if @discard
@@ -116,6 +122,7 @@ def set_flag(flag)
flag = flag.to_i
@use = true if flag & USE > 0
@secure = true if flag & SECURE > 0
+ @http_only = true if flag & HTTP_ONLY > 0
@domain_orig = true if flag & DOMAIN > 0
@path_orig = true if flag & PATH > 0
@discard = true if flag & DISCARD > 0
@@ -188,6 +195,8 @@ def parse(str, url)
@path = value
when 'secure'
@secure = true ## value may nil, but must 'true'.
+ when 'httponly'
+ @http_only = true ## value may nil, but must 'true'.
else
## ignore
end
@@ -330,8 +339,8 @@ def add(cookie)
name, value = cookie.name, cookie.value
expires, domain, path =
cookie.expires, cookie.domain, cookie.path
- secure, domain_orig, path_orig =
- cookie.secure?, cookie.domain_orig?, cookie.path_orig?
+ secure, http_only, domain_orig, path_orig =
+ cookie.secure?, cookie.http_only?, cookie.domain_orig?, cookie.path_orig?
discard, override =
cookie.discard?, cookie.override?
@@ -392,6 +401,7 @@ def add(cookie)
## for flag
cookie.secure = secure
+ cookie.http_only = http_only
cookie.domain_orig = domain_orig
cookie.path_orig = path_orig
if discard || cookie.expires == nil
@@ -547,6 +557,8 @@ def check_cookie_accept_domain(domain)
-- Cookie#use=(use)
-- Cookie#secure?
-- Cookie#secure=(secure)
+ -- Cookie#http_only?
+ -- Cookie#http_only=(http_only)
-- Cookie#domain_orig?
-- Cookie#domain_orig=(domain_orig)
-- Cookie#path_orig?
View
@@ -168,6 +168,20 @@ def test_parse2()
assert_equal(Time.gm(2037,12,31,12,0,0), cookie.expires)
end
+ def test_parse3()
+ str = "xmen=off,0,0,1; path=/; domain=.excite.co.jp; expires=Wednesday, 31-Dec-2037 12:00:00 GMT;Secure;HTTPOnly"
+ @cm.parse(str,URI.parse('http://www.excite.co.jp'))
+ cookie = @cm.cookies[0]
+ assert_instance_of(WebAgent::Cookie, cookie)
+ assert_equal("xmen", cookie.name)
+ assert_equal("off,0,0,1", cookie.value)
+ assert_equal("/", cookie.path)
+ assert_equal(".excite.co.jp", cookie.domain)
+ assert_equal(Time.gm(2037,12,31,12,0,0), cookie.expires)
+ assert_equal(true, cookie.secure?)
+ assert_equal(true, cookie.http_only?)
+ end
+
def test_parse_double_semicolon()
str = "xmen=off,0,0,1;; path=\"/;;\"; domain=.excite.co.jp; expires=Wednesday, 31-Dec-2037 12:00:00 GMT"
@cm.parse(str,URI.parse('http://www.excite.co.jp'))

0 comments on commit 095989e

Please sign in to comment.