Use CGI::Cookie::parse for request cookies until we officially deprecated CGI.
This commit is contained in:
parent
5fe2878973
commit
c4d570c2eb
|
@ -49,21 +49,12 @@ module ActionController #:nodoc:
|
|||
def cookies
|
||||
return {} unless @env["HTTP_COOKIE"]
|
||||
|
||||
if @env["rack.request.cookie_string"] == @env["HTTP_COOKIE"]
|
||||
@env["rack.request.cookie_hash"]
|
||||
else
|
||||
unless @env["rack.request.cookie_string"] == @env["HTTP_COOKIE"]
|
||||
@env["rack.request.cookie_string"] = @env["HTTP_COOKIE"]
|
||||
# According to RFC 2109:
|
||||
# If multiple cookies satisfy the criteria above, they are ordered in
|
||||
# the Cookie header such that those with more specific Path attributes
|
||||
# precede those with less specific. Ordering with respect to other
|
||||
# attributes (e.g., Domain) is unspecified.
|
||||
@env["rack.request.cookie_hash"] =
|
||||
parse_query(@env["rack.request.cookie_string"], ';,').inject({}) { |h, (k,v)|
|
||||
h[k] = Array === v ? v.first : v
|
||||
h
|
||||
}
|
||||
@env["rack.request.cookie_hash"] = CGI::Cookie::parse(@env["rack.request.cookie_string"])
|
||||
end
|
||||
|
||||
@env["rack.request.cookie_hash"]
|
||||
end
|
||||
|
||||
def host_with_port_without_standard_port_handling
|
||||
|
@ -170,31 +161,6 @@ end_msg
|
|||
def session_options_with_string_keys
|
||||
@session_options_with_string_keys ||= DEFAULT_SESSION_OPTIONS.merge(@session_options).stringify_keys
|
||||
end
|
||||
|
||||
# From Rack::Utils
|
||||
def parse_query(qs, d = '&;')
|
||||
params = {}
|
||||
(qs || '').split(/[#{d}] */n).inject(params) { |h,p|
|
||||
k, v = unescape(p).split('=',2)
|
||||
if cur = params[k]
|
||||
if cur.class == Array
|
||||
params[k] << v
|
||||
else
|
||||
params[k] = [cur, v]
|
||||
end
|
||||
else
|
||||
params[k] = v
|
||||
end
|
||||
}
|
||||
|
||||
return params
|
||||
end
|
||||
|
||||
def unescape(s)
|
||||
s.tr('+', ' ').gsub(/((?:%[0-9a-fA-F]{2})+)/n){
|
||||
[$1.delete('%')].pack('H*')
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
class RackResponse < AbstractResponse #:nodoc:
|
||||
|
|
|
@ -33,10 +33,10 @@ class BaseRackTest < Test::Unit::TestCase
|
|||
"REDIRECT_STATUS" => "200",
|
||||
"REQUEST_METHOD" => "GET"
|
||||
}
|
||||
@request = ActionController::RackRequest.new(@env)
|
||||
# some Nokia phone browsers omit the space after the semicolon separator.
|
||||
# some developers have grown accustomed to using comma in cookie values.
|
||||
@alt_cookie_fmt_request_hash = {"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"}
|
||||
@request = ActionController::RackRequest.new(@env)
|
||||
@alt_cookie_fmt_request = ActionController::RackRequest.new(@env.merge({"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"}))
|
||||
end
|
||||
|
||||
def default_test; end
|
||||
|
@ -100,11 +100,11 @@ class RackRequestTest < BaseRackTest
|
|||
end
|
||||
|
||||
def test_cookie_syntax_resilience
|
||||
cookies = CGI::Cookie::parse(@env["HTTP_COOKIE"]);
|
||||
cookies = @request.cookies
|
||||
assert_equal ["c84ace84796670c052c6ceb2451fb0f2"], cookies["_session_id"], cookies.inspect
|
||||
assert_equal ["yes"], cookies["is_admin"], cookies.inspect
|
||||
|
||||
alt_cookies = CGI::Cookie::parse(@alt_cookie_fmt_request_hash["HTTP_COOKIE"]);
|
||||
alt_cookies = @alt_cookie_fmt_request.cookies
|
||||
assert_equal ["c84ace847,96670c052c6ceb2451fb0f2"], alt_cookies["_session_id"], alt_cookies.inspect
|
||||
assert_equal ["yes"], alt_cookies["is_admin"], alt_cookies.inspect
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue