From fd78bb727045547371179428886c9b262d66091d Mon Sep 17 00:00:00 2001 From: Bryce Thornton Date: Sat, 14 Aug 2010 15:35:01 -0400 Subject: [PATCH] Allow for any possible TLD when using the :all option with the cookie session store. This works for subdomain.mysite.local, google.co.uk, google.com.au, etc. [#5147 state:resolved] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: José Valim --- .../lib/action_dispatch/middleware/cookies.rb | 26 +++++++++++----- actionpack/test/dispatch/cookies_test.rb | 30 ++++++++++++++++++- 2 files changed, 47 insertions(+), 9 deletions(-) diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 4d33cd3b0c..c281e323e5 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -69,16 +69,26 @@ module ActionDispatch class CookieJar < Hash #:nodoc: - # This regular expression is used to split the levels of a domain - # So www.example.co.uk gives: - # $1 => www. - # $2 => example - # $3 => co.uk - DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/ + # This regular expression is used to split the levels of a domain. + # The top level domain can be any string without a period or + # **.**, ***.** style TLDs like co.uk or com.au + # + # www.example.co.uk gives: + # $1 => example + # $2 => co.uk + # + # example.com gives: + # $1 => example + # $2 => com + # + # lots.of.subdomains.example.local gives: + # $1 => example + # $2 => local + DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/ def self.build(request) secret = request.env[TOKEN_KEY] - host = request.env["HTTP_HOST"] + host = request.host new(secret, host).tap do |hash| hash.update(request.cookies) @@ -104,7 +114,7 @@ module ActionDispatch if options[:domain] == :all @host =~ DOMAIN_REGEXP - options[:domain] = ".#{$2}.#{$3}" + options[:domain] = ".#{$1}.#{$2}" end end diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index b04c1a42c0..cadae5d97f 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -232,6 +232,34 @@ class CookiesTest < ActionController::TestCase assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/" end + def test_cookie_with_all_domain_option_using_a_non_standard_tld + @request.host = "two.subdomains.nextangle.local" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + + def test_cookie_with_all_domain_option_using_australian_style_tld + @request.host = "nextangle.com.au" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/" + end + + def test_cookie_with_all_domain_option_using_uk_style_tld + @request.host = "nextangle.co.uk" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/" + end + + def test_cookie_with_all_domain_option_using_host_with_port + @request.host = "nextangle.local:3000" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + def test_deleting_cookie_with_all_domain_option get :delete_cookie_with_domain assert_response :success @@ -247,4 +275,4 @@ class CookiesTest < ActionController::TestCase assert_equal expected.split("\n"), header end end -end \ No newline at end of file +end