fixed small bug in cookie parser

mojolicious · May 8, 2012 · f022555 · f022555
1 parent 4e0b28a
commit f022555
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 18 deletions.
diff --git a/Changes b/Changes
@@ -9,6 +9,7 @@ This file documents the revision history for Perl extension Mojolicious.
   - Improved documentation.
   - Fixed typo in 414 status message.
   - Fixed small cookie formatting bug.
+  - Fixed small bug in cookie parser.
   - Fixed small backlog bug in Mojo::Server::Daemon.
 
 2.93  2012-05-05

diff --git a/lib/Mojo/Cookie/Response.pm b/lib/Mojo/Cookie/Response.pm
@@ -6,8 +6,6 @@ use Mojo::Util 'quote';
 
 has [qw/domain httponly max_age path secure/];
 
-my $ATTR_RE = qr/(expires|domain|path|secure|HttpOnly|Max-Age)/msi;
-
 sub expires {
   my $self = shift;
 
@@ -37,17 +35,18 @@ sub parse {
       my ($name, $value) = @{$token->[$i]};
 
       # This will only run once
-      if (!$i) {
-        push @cookies,
-          Mojo::Cookie::Response->new(name => $name, value => $value // '');
-      }
-
-      # Attributes
-      elsif (my @match = $name =~ $ATTR_RE) {
-        my $attr = lc $match[0];
-        $attr =~ tr/-/_/;
-        $cookies[-1]->$attr($attr =~ /(?:secure|HttpOnly)/i ? 1 : $value);
-      }
+      push(@cookies,
+        Mojo::Cookie::Response->new(name => $name, value => $value // ''))
+        and next
+        unless $i;
+
+      # Attributes (Netscape and RFC 6265)
+      next
+        unless my @match
+          = $name =~ /^(expires|domain|path|secure|Max-Age|HttpOnly)$/msi;
+      my $attr = lc $match[0];
+      $attr =~ tr/-/_/;
+      $cookies[-1]->$attr($attr =~ /(?:secure|HttpOnly)/i ? 1 : $value);
     }
   }
 
@@ -75,12 +74,12 @@ sub to_string {
   # "secure" (Netscape)
   if (my $secure = $self->secure) { $cookie .= "; secure" }
 
-  # "HttpOnly" (RFC 6265)
-  if (my $httponly = $self->httponly) { $cookie .= "; HttpOnly" }
-
   # "Max-Age" (RFC 6265)
   if (defined(my $m = $self->max_age)) { $cookie .= "; Max-Age=$m" }
 
+  # "HttpOnly" (RFC 6265)
+  if (my $httponly = $self->httponly) { $cookie .= "; HttpOnly" }
+
   return $cookie;
 }
 

diff --git a/t/mojo/cookie.t b/t/mojo/cookie.t
@@ -1,6 +1,6 @@
 use Mojo::Base -strict;
 
-use Test::More tests => 182;
+use Test::More tests => 190;
 
 # "What good is money if it can't inspire terror in your fellow man?"
 use Mojo::Cookie::Request;
@@ -171,7 +171,7 @@ $cookie->secure(1);
 $cookie->httponly(1);
 is $cookie->to_string,
   'foo=ba r; expires=Thu, 07 Aug 2008 07:07:59 GMT; domain=kraih.com;'
-  . ' path=/test; secure; HttpOnly; Max-Age=60', 'right format';
+  . ' path=/test; secure; Max-Age=60; HttpOnly', 'right format';
 
 # Parse response cookie (RFC 6265)
 $cookies
@@ -188,6 +188,21 @@ is $cookies->[0]->expires, 'Thu, 07 Aug 2008 07:07:59 GMT',
 is $cookies->[0]->secure, '1', 'right secure flag';
 is $cookies->[1], undef, 'no more cookies';
 
+# Parse response cookie with invalid flag (RFC 6265)
+$cookies
+  = Mojo::Cookie::Response->parse(
+      'foo=ba r; Domain=kraih.com; Path=/test; Max-Age=60;'
+    . ' Expires=Thu, 07 Aug 2008 07:07:59 GMT; InSecure;');
+is $cookies->[0]->name,    'foo',       'right name';
+is $cookies->[0]->value,   'ba r',      'right value';
+is $cookies->[0]->domain,  'kraih.com', 'right domain';
+is $cookies->[0]->path,    '/test',     'right path';
+is $cookies->[0]->max_age, 60,          'right max age value';
+is $cookies->[0]->expires, 'Thu, 07 Aug 2008 07:07:59 GMT',
+  'right expires value';
+is $cookies->[0]->secure, undef, 'no secure flag';
+is $cookies->[1], undef, 'no more cookies';
+
 # Parse quoted response cookie (RFC 6265)
 $cookies
   = Mojo::Cookie::Response->parse(