Permalink
Browse files

Allow for any possible TLD when using the :all option with the cookie…

… session store. This works for subdomain.mysite.local, google.co.uk, google.com.au, etc. [#5147 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
  • Loading branch information...
1 parent ada8c66 commit fd78bb727045547371179428886c9b262d66091d @brycethornton brycethornton committed with josevalim Aug 14, 2010
Showing with 47 additions and 9 deletions.
  1. +18 −8 actionpack/lib/action_dispatch/middleware/cookies.rb
  2. +29 −1 actionpack/test/dispatch/cookies_test.rb
@@ -69,16 +69,26 @@ class CookieOverflow < StandardError; end
class CookieJar < Hash #:nodoc:
- # This regular expression is used to split the levels of a domain
- # So www.example.co.uk gives:
- # $1 => www.
- # $2 => example
- # $3 => co.uk
- DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
+ # This regular expression is used to split the levels of a domain.
+ # The top level domain can be any string without a period or
+ # **.**, ***.** style TLDs like co.uk or com.au
+ #
+ # www.example.co.uk gives:
+ # $1 => example
+ # $2 => co.uk
+ #
+ # example.com gives:
+ # $1 => example
+ # $2 => com
+ #
+ # lots.of.subdomains.example.local gives:
+ # $1 => example
+ # $2 => local
+ DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/
def self.build(request)
secret = request.env[TOKEN_KEY]
- host = request.env["HTTP_HOST"]
+ host = request.host
new(secret, host).tap do |hash|
hash.update(request.cookies)
@@ -104,7 +114,7 @@ def handle_options(options) #:nodoc:
if options[:domain] == :all
@host =~ DOMAIN_REGEXP
- options[:domain] = ".#{$2}.#{$3}"
+ options[:domain] = ".#{$1}.#{$2}"
end
end
@@ -232,6 +232,34 @@ def test_cookie_with_all_domain_option
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/"
end
+ def test_cookie_with_all_domain_option_using_a_non_standard_tld
+ @request.host = "two.subdomains.nextangle.local"
+ get :set_cookie_with_domain
+ assert_response :success
+ assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
+ end
+
+ def test_cookie_with_all_domain_option_using_australian_style_tld
+ @request.host = "nextangle.com.au"
+ get :set_cookie_with_domain
+ assert_response :success
+ assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/"
+ end
+
+ def test_cookie_with_all_domain_option_using_uk_style_tld
+ @request.host = "nextangle.co.uk"
+ get :set_cookie_with_domain
+ assert_response :success
+ assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/"
+ end
+
+ def test_cookie_with_all_domain_option_using_host_with_port
+ @request.host = "nextangle.local:3000"
+ get :set_cookie_with_domain
+ assert_response :success
+ assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
+ end
+
def test_deleting_cookie_with_all_domain_option
get :delete_cookie_with_domain
assert_response :success
@@ -247,4 +275,4 @@ def assert_cookie_header(expected)
assert_equal expected.split("\n"), header
end
end
-end
+end

0 comments on commit fd78bb7

Please sign in to comment.