cookiejar2 0.3.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.circleci/config.yml +15 -0
- data/.gitignore +8 -0
- data/.rspec +2 -0
- data/.travis.yml +17 -0
- data/Gemfile +2 -0
- data/LICENSE +10 -0
- data/README.markdown +37 -0
- data/Rakefile +30 -0
- data/_config.yml +1 -0
- data/contributors.json +14 -0
- data/cookiejar.gemspec +28 -0
- data/lib/cookiejar/cookie.rb +257 -0
- data/lib/cookiejar/cookie_validation.rb +410 -0
- data/lib/cookiejar/jar.rb +314 -0
- data/lib/cookiejar/version.rb +4 -0
- data/lib/cookiejar.rb +3 -0
- data/spec/cookie_spec.rb +176 -0
- data/spec/cookie_validation_spec.rb +236 -0
- data/spec/jar_spec.rb +232 -0
- data/spec/spec_helper.rb +9 -0
- metadata +139 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 78294737766796f222dc8f4d2e8b09d1e167512af6ac9a167349eb06b7839e5e
|
4
|
+
data.tar.gz: dd98ce246d2636b1af72c14ec7fadff3521db5a14dbd074addd82159e17c2274
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: fd3c960bc06f9887b7b9665ca59305f84d7df30332d3f330101965b222039a13fad665fc6225d885461f3fb23626fa29cccc43e8e79e100d5977407d9dc68b3a
|
7
|
+
data.tar.gz: 000d194f9e949451299b7c75d0c5816d2a6a9a4eb99996e65b3d6008cbc528b24aadc15a99ee27573d33a5a4e159b6ea71e204e572aaaa9516ce7207c74ee8d1
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,10 @@
|
|
1
|
+
Copyright (c) 2009 - 2018, David Waite and Other Contributors
|
2
|
+
All rights reserved.
|
3
|
+
|
4
|
+
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
|
5
|
+
|
6
|
+
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
|
7
|
+
|
8
|
+
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
|
9
|
+
|
10
|
+
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
data/README.markdown
ADDED
@@ -0,0 +1,37 @@
|
|
1
|
+
[![CircleCI](https://circleci.com/gh/dorianmariefr/cookiejar2/tree/main.svg?style=svg)](https://circleci.com/gh/dorianmariefr/cookiejar2/tree/main)
|
2
|
+
|
3
|
+
This is a fork to fix warnings.
|
4
|
+
|
5
|
+
-----
|
6
|
+
|
7
|
+
Ruby CookieJar
|
8
|
+
==============
|
9
|
+
|
10
|
+
**Git**: [http://github.com/dwaite/cookiejar](http://github.com/dwaite/cookiejar)
|
11
|
+
|
12
|
+
**Author**: David Waite
|
13
|
+
|
14
|
+
[![Build Status](https://travis-ci.org/dwaite/cookiejar.svg?branch=master)](https://travis-ci.org/dwaite/cookiejar)
|
15
|
+
|
16
|
+
Synopsis
|
17
|
+
--------
|
18
|
+
|
19
|
+
The Ruby CookieJar is a library to help manage client-side cookies in pure Ruby. It enables parsing and setting of cookie headers, alternating between multiple 'jars' of cookies at one time (such as having a set of cookies for each browser or thread), and supports persistence of the cookies in a JSON string.
|
20
|
+
|
21
|
+
Both Netscape/RFC 2109 cookies and RFC 2965 cookies are supported.
|
22
|
+
|
23
|
+
Roadmap
|
24
|
+
-------
|
25
|
+
|
26
|
+
For the Next major release, I would like to accomplish:
|
27
|
+
|
28
|
+
1. Check against [RFC 6265 - HTTP State Management Mechanism][rfc6265], the latest cookie spec which came out after the initial release of cookiejar
|
29
|
+
2. Determine better code structure to encourage alternate persistence mechanisms for cookie jars
|
30
|
+
|
31
|
+
[rfc6265]: http://tools.ietf.org/html/rfc6265
|
32
|
+
COPYRIGHT
|
33
|
+
---------
|
34
|
+
The Ruby CookieJar is Copyright © 2009-2014 David Waite, with [additional contributions from various authors][contributions]. Licensing terms are given within the [LICENSE file][LICENSE].
|
35
|
+
|
36
|
+
[contributions]: ./contributors.json
|
37
|
+
[LICENSE]: ./LICENSE
|
data/Rakefile
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'bundler/gem_tasks'
|
2
|
+
|
3
|
+
require 'rake'
|
4
|
+
|
5
|
+
require 'rake/clean'
|
6
|
+
require 'yard'
|
7
|
+
require 'yard/rake/yardoc_task'
|
8
|
+
|
9
|
+
CLEAN << Rake::FileList['doc/**', '.yardoc']
|
10
|
+
# Yard
|
11
|
+
YARD::Rake::YardocTask.new do |t|
|
12
|
+
t.files = ['lib/**/*.rb'] # optional
|
13
|
+
t.options = ['--title', 'CookieJar, a HTTP Client Cookie Parsing Library',
|
14
|
+
'--main', 'README.markdown', '--files', 'LICENSE']
|
15
|
+
end
|
16
|
+
|
17
|
+
begin
|
18
|
+
require 'rspec/core/rake_task'
|
19
|
+
|
20
|
+
RSpec::Core::RakeTask.new do |t|
|
21
|
+
t.ruby_opts = %w(-w)
|
22
|
+
t.pattern = 'spec/**/*_spec.rb'
|
23
|
+
end
|
24
|
+
task test: :spec
|
25
|
+
rescue LoadError
|
26
|
+
puts 'Warning: unable to load rspec tasks'
|
27
|
+
end
|
28
|
+
|
29
|
+
# Default Rake task is to run all tests
|
30
|
+
task default: :test
|
data/_config.yml
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
theme: jekyll-theme-tactile
|
data/contributors.json
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
[
|
2
|
+
{
|
3
|
+
"author": {
|
4
|
+
"github": "http://github.com/secobarbital",
|
5
|
+
"name": "Seggy Umboh"
|
6
|
+
},
|
7
|
+
"contributions": [
|
8
|
+
"widen supported IP addresses",
|
9
|
+
"fix case-sensitivity issue with HTTP headers",
|
10
|
+
"correct issue when running under Ruby 1.8.x",
|
11
|
+
"made Jar act more like a browser (dropping cookies w/o exception)"
|
12
|
+
]
|
13
|
+
}
|
14
|
+
]
|
data/cookiejar.gemspec
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
lib = File.expand_path('../lib', __FILE__)
|
4
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
5
|
+
require 'cookiejar/version'
|
6
|
+
|
7
|
+
Gem::Specification.new do |s|
|
8
|
+
s.name = 'cookiejar2'
|
9
|
+
s.version = CookieJar::VERSION
|
10
|
+
s.authors = ['David Waite']
|
11
|
+
s.license = 'BSD-2-Clause'
|
12
|
+
s.email = ['david@alkaline-solutions.com']
|
13
|
+
s.description = 'Allows for parsing and returning cookies in Ruby HTTP client code'
|
14
|
+
s.summary = 'Client-side HTTP Cookie library'
|
15
|
+
s.homepage = 'http://alkaline-solutions.com'
|
16
|
+
s.date = '2014-02-01'
|
17
|
+
|
18
|
+
s.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
|
19
|
+
s.test_files = s.files.grep(%r{^(spec)/})
|
20
|
+
s.rdoc_options = ['--title', 'CookieJar -- Client-side HTTP Cookies']
|
21
|
+
s.require_paths = ['lib']
|
22
|
+
|
23
|
+
s.add_development_dependency 'rake'
|
24
|
+
s.add_development_dependency 'rspec-collection_matchers'
|
25
|
+
s.add_development_dependency 'rspec'
|
26
|
+
s.add_development_dependency 'yard'
|
27
|
+
s.add_development_dependency 'bundler'
|
28
|
+
end
|
@@ -0,0 +1,257 @@
|
|
1
|
+
require 'time'
|
2
|
+
require 'uri'
|
3
|
+
require 'cookiejar/cookie_validation'
|
4
|
+
|
5
|
+
module CookieJar
|
6
|
+
# Cookie is an immutable object which defines the data model of a HTTP Cookie.
|
7
|
+
# The data values within the cookie may be different from the
|
8
|
+
# values described in the literal cookie declaration.
|
9
|
+
# Specifically, the 'domain' and 'path' values may be set to defaults
|
10
|
+
# based on the requested resource that resulted in the cookie being set.
|
11
|
+
class Cookie
|
12
|
+
# [String] The name of the cookie.
|
13
|
+
attr_reader :name
|
14
|
+
# [String] The value of the cookie, without any attempts at decoding.
|
15
|
+
attr_reader :value
|
16
|
+
|
17
|
+
# [String] The domain scope of the cookie. Follows the RFC 2965
|
18
|
+
# 'effective host' rules. A 'dot' prefix indicates that it applies both
|
19
|
+
# to the non-dotted domain and child domains, while no prefix indicates
|
20
|
+
# that only exact matches of the domain are in scope.
|
21
|
+
attr_reader :domain
|
22
|
+
|
23
|
+
# [String] The path scope of the cookie. The cookie applies to URI paths
|
24
|
+
# that prefix match this value.
|
25
|
+
attr_reader :path
|
26
|
+
|
27
|
+
# [Boolean] The secure flag is set to indicate that the cookie should
|
28
|
+
# only be sent securely. Nearly all HTTP User Agent implementations assume
|
29
|
+
# this to mean that the cookie should only be sent over a
|
30
|
+
# SSL/TLS-protected connection
|
31
|
+
attr_reader :secure
|
32
|
+
|
33
|
+
# [Boolean] Popular browser extension to mark a cookie as invisible
|
34
|
+
# to code running within the browser, such as JavaScript
|
35
|
+
attr_reader :http_only
|
36
|
+
|
37
|
+
# [Fixnum] Version indicator, currently either
|
38
|
+
# * 0 for netscape cookies
|
39
|
+
# * 1 for RFC 2965 cookies
|
40
|
+
attr_reader :version
|
41
|
+
# [String] RFC 2965 field for indicating comment (or a location)
|
42
|
+
# describing the cookie to a usesr agent.
|
43
|
+
attr_reader :comment, :comment_url
|
44
|
+
# [Boolean] RFC 2965 field for indicating session lifetime for a cookie
|
45
|
+
attr_reader :discard
|
46
|
+
# [Array<FixNum>, nil] RFC 2965 port scope for the cookie. If not nil,
|
47
|
+
# indicates specific ports on the HTTP server which should receive this
|
48
|
+
# cookie if contacted.
|
49
|
+
attr_reader :ports
|
50
|
+
# [Time] Time when this cookie was first evaluated and created.
|
51
|
+
attr_reader :created_at
|
52
|
+
|
53
|
+
# Evaluate when this cookie will expire. Uses the original cookie fields
|
54
|
+
# for a max age or expires
|
55
|
+
#
|
56
|
+
# @return [Time, nil] Time of expiry, if this cookie has an expiry set
|
57
|
+
def expires_at
|
58
|
+
if @expiry.nil? || @expiry.is_a?(Time)
|
59
|
+
@expiry
|
60
|
+
else
|
61
|
+
@created_at + @expiry
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# Indicates whether the cookie is currently considered valid
|
66
|
+
#
|
67
|
+
# @param [Time] time to compare against, or 'now' if omitted
|
68
|
+
# @return [Boolean]
|
69
|
+
def expired?(time = Time.now)
|
70
|
+
!expires_at.nil? && time > expires_at
|
71
|
+
end
|
72
|
+
|
73
|
+
# Indicates whether the cookie will be considered invalid after the end
|
74
|
+
# of the current user session
|
75
|
+
# @return [Boolean]
|
76
|
+
def session?
|
77
|
+
@expiry.nil? || @discard
|
78
|
+
end
|
79
|
+
|
80
|
+
# Create a cookie based on an absolute URI and the string value of a
|
81
|
+
# 'Set-Cookie' header.
|
82
|
+
#
|
83
|
+
# @param request_uri [String, URI] HTTP/HTTPS absolute URI of request.
|
84
|
+
# This is used to fill in domain and port if missing from the cookie,
|
85
|
+
# and to perform appropriate validation.
|
86
|
+
# @param set_cookie_value [String] HTTP value for the Set-Cookie header.
|
87
|
+
# @return [Cookie] created from the header string and request URI
|
88
|
+
# @raise [InvalidCookieError] on validation failure(s)
|
89
|
+
def self.from_set_cookie(request_uri, set_cookie_value)
|
90
|
+
args = CookieJar::CookieValidation.parse_set_cookie set_cookie_value
|
91
|
+
args[:domain] = CookieJar::CookieValidation
|
92
|
+
.determine_cookie_domain request_uri, args[:domain]
|
93
|
+
args[:path] = CookieJar::CookieValidation
|
94
|
+
.determine_cookie_path request_uri, args[:path]
|
95
|
+
cookie = Cookie.new args
|
96
|
+
CookieJar::CookieValidation.validate_cookie request_uri, cookie
|
97
|
+
cookie
|
98
|
+
end
|
99
|
+
|
100
|
+
# Create a cookie based on an absolute URI and the string value of a
|
101
|
+
# 'Set-Cookie2' header.
|
102
|
+
#
|
103
|
+
# @param request_uri [String, URI] HTTP/HTTPS absolute URI of request.
|
104
|
+
# This is used to fill in domain and port if missing from the cookie,
|
105
|
+
# and to perform appropriate validation.
|
106
|
+
# @param set_cookie_value [String] HTTP value for the Set-Cookie2 header.
|
107
|
+
# @return [Cookie] created from the header string and request URI
|
108
|
+
# @raise [InvalidCookieError] on validation failure(s)
|
109
|
+
def self.from_set_cookie2(request_uri, set_cookie_value)
|
110
|
+
args = CookieJar::CookieValidation.parse_set_cookie2 set_cookie_value
|
111
|
+
args[:domain] = CookieJar::CookieValidation
|
112
|
+
.determine_cookie_domain request_uri, args[:domain]
|
113
|
+
args[:path] = CookieJar::CookieValidation
|
114
|
+
.determine_cookie_path request_uri, args[:path]
|
115
|
+
cookie = Cookie.new args
|
116
|
+
CookieJar::CookieValidation.validate_cookie request_uri, cookie
|
117
|
+
cookie
|
118
|
+
end
|
119
|
+
|
120
|
+
# Returns cookie in a format appropriate to send to a server.
|
121
|
+
#
|
122
|
+
# @param [FixNum] 0 version, 0 for Netscape-style cookies, 1 for
|
123
|
+
# RFC2965-style.
|
124
|
+
# @param [Boolean] true prefix, for RFC2965, whether to prefix with
|
125
|
+
# "$Version=<version>;". Ignored for Netscape-style cookies
|
126
|
+
def to_s(ver = 0, prefix = true)
|
127
|
+
return "#{name}=#{value}" if ver == 0
|
128
|
+
|
129
|
+
# we do not need to encode path; the only characters required to be
|
130
|
+
# quoted must be escaped in URI
|
131
|
+
str = prefix ? "$Version=#{version};" : ''
|
132
|
+
str << "#{name}=#{value};$Path=\"#{path}\""
|
133
|
+
str << ";$Domain=#{domain}" if domain.start_with? '.'
|
134
|
+
str << ";$Port=\"#{ports.join ','}\"" if ports
|
135
|
+
str
|
136
|
+
end
|
137
|
+
|
138
|
+
# Return a hash representation of the cookie.
|
139
|
+
|
140
|
+
def to_hash
|
141
|
+
result = {
|
142
|
+
name: @name,
|
143
|
+
value: @value,
|
144
|
+
domain: @domain,
|
145
|
+
path: @path,
|
146
|
+
created_at: @created_at
|
147
|
+
}
|
148
|
+
{
|
149
|
+
expiry: @expiry,
|
150
|
+
secure: (true if @secure),
|
151
|
+
http_only: (true if @http_only),
|
152
|
+
version: (@version if version != 0),
|
153
|
+
comment: @comment,
|
154
|
+
comment_url: @comment_url,
|
155
|
+
discard: (true if @discard),
|
156
|
+
ports: @ports
|
157
|
+
}.each do |name, value|
|
158
|
+
result[name] = value if value
|
159
|
+
end
|
160
|
+
|
161
|
+
result
|
162
|
+
end
|
163
|
+
|
164
|
+
# Determine if a cookie should be sent given a request URI along with
|
165
|
+
# other options.
|
166
|
+
#
|
167
|
+
# This currently ignores domain.
|
168
|
+
#
|
169
|
+
# @param uri [String, URI] the requested page which may need to receive
|
170
|
+
# this cookie
|
171
|
+
# @param script [Boolean] indicates that cookies with the 'httponly'
|
172
|
+
# extension should be ignored
|
173
|
+
# @return [Boolean] whether this cookie should be sent to the server
|
174
|
+
def should_send?(request_uri, script)
|
175
|
+
uri = CookieJar::CookieValidation.to_uri request_uri
|
176
|
+
# cookie path must start with the uri, it must not be a secure cookie
|
177
|
+
# being sent over http, and it must not be a http_only cookie sent to
|
178
|
+
# a script
|
179
|
+
path = if uri.path == ''
|
180
|
+
'/'
|
181
|
+
else
|
182
|
+
uri.path
|
183
|
+
end
|
184
|
+
path_match = path.start_with? @path
|
185
|
+
secure_match = !(@secure && uri.scheme == 'http')
|
186
|
+
script_match = !(script && @http_only)
|
187
|
+
expiry_match = !expired?
|
188
|
+
ports_match = ports.nil? || (ports.include? uri.port)
|
189
|
+
path_match && secure_match && script_match && expiry_match && ports_match
|
190
|
+
end
|
191
|
+
|
192
|
+
def decoded_value
|
193
|
+
CookieJar::CookieValidation.decode_value value
|
194
|
+
end
|
195
|
+
|
196
|
+
# Return a JSON 'object' for the various data values. Allows for
|
197
|
+
# persistence of the cookie information
|
198
|
+
#
|
199
|
+
# @param [Array] a options controlling output JSON text
|
200
|
+
# (usually a State and a depth)
|
201
|
+
# @return [String] JSON representation of object data
|
202
|
+
def to_json(*a)
|
203
|
+
to_hash.merge(json_class: self.class.name).to_json(*a)
|
204
|
+
end
|
205
|
+
|
206
|
+
# Given a Hash representation of a JSON document, create a local cookie
|
207
|
+
# from the included data.
|
208
|
+
#
|
209
|
+
# @param [Hash] o JSON object of array data
|
210
|
+
# @return [Cookie] cookie formed from JSON data
|
211
|
+
def self.json_create(o)
|
212
|
+
params = o.inject({}) do |hash, (key, value)|
|
213
|
+
hash[key.to_sym] = value
|
214
|
+
hash
|
215
|
+
end
|
216
|
+
params[:version] ||= 0
|
217
|
+
params[:created_at] = Time.parse params[:created_at]
|
218
|
+
if params[:expiry].is_a? String
|
219
|
+
params[:expires_at] = Time.parse params[:expiry]
|
220
|
+
else
|
221
|
+
params[:max_age] = params[:expiry]
|
222
|
+
end
|
223
|
+
params.delete :expiry
|
224
|
+
|
225
|
+
new params
|
226
|
+
end
|
227
|
+
|
228
|
+
# Compute the cookie search domains for a given request URI
|
229
|
+
# This will be the effective host of the request uri, along with any
|
230
|
+
# possibly matching dot-prefixed domains
|
231
|
+
#
|
232
|
+
# @param request_uri [String, URI] address being requested
|
233
|
+
# @return [Array<String>] String domain matches
|
234
|
+
def self.compute_search_domains(request_uri)
|
235
|
+
CookieValidation.compute_search_domains request_uri
|
236
|
+
end
|
237
|
+
|
238
|
+
protected
|
239
|
+
|
240
|
+
# Call {from_set_cookie} to create a new Cookie instance
|
241
|
+
def initialize(args)
|
242
|
+
@created_at, @name, @value, @domain, @path, @secure,
|
243
|
+
@http_only, @version, @comment, @comment_url, @discard, @ports \
|
244
|
+
= args.values_at \
|
245
|
+
:created_at, :name, :value, :domain, :path, :secure,
|
246
|
+
:http_only, :version, :comment, :comment_url, :discard, :ports
|
247
|
+
|
248
|
+
@created_at ||= Time.now
|
249
|
+
@expiry = args[:max_age] || args[:expires_at]
|
250
|
+
@secure ||= false
|
251
|
+
@http_only ||= false
|
252
|
+
@discard ||= false
|
253
|
+
|
254
|
+
@ports = [@ports] if @ports.is_a? Integer
|
255
|
+
end
|
256
|
+
end
|
257
|
+
end
|