dwaite-cookiejar 0.1.0

data/lib/cookiejar/cookie.rb

@@ -0,0 +1,95 @@
+require 'time'
+require 'cookiejar/cookie_logic'
+module CookieJar
+  class Cookie
+    include CookieLogic
+  
+    attr_reader :name, :value
+    attr_reader :created_at
+    attr_reader :expiry
+    attr_reader :domain, :path
+    attr_reader :secure, :http_only
+    attr_reader :version
+  # Currently unused attributes for RFC 2965 cookies
+  #  attr_reader :comment, :comment_url
+  #  attr_reader :discard
+  #  attr_reader :ports
+
+    def expires_at
+      if expiry.nil?
+        nil
+      elsif expiry.is_a? Time
+        expiry
+      else
+        Time.now + expiry
+      end
+    end
+    def max_age
+      if expiry.is_a? Integer
+        expiry
+      else
+        expiry - Time.now
+      end
+    end 
+    def port
+      nil
+    end   
+    def initialize(uri, *params)
+      case params.length
+      when 1
+        args = params[0]
+      when 2
+        args = {:name => args[0], :value => args[1]}
+      else
+        raise ArgumentError.new "wrong number of arguments (expected 1 or 2)"
+      end
+    
+      @domain    = determine_cookie_domain(uri, args[:domain])
+      @expiry    = args[:max_age]   || args[:expires_at] || nil
+      @path      = determine_cookie_path(uri, args[:path])
+      @secure    = args[:secure]    || false
+      @http_only = args[:http_only] ||false
+      @name      = args[:name]
+      @value     = args[:value]
+      @version   = args[:version]
+      @created_at = DateTime.now
+    end
+  
+    PARAM1 = /\A(#{PATTERN::TOKEN})(?:=#{PATTERN::VALUE1})?\Z/
+    # PARAM2 = /\A(#{PATTERN::TOKEN})(?:=#{PATTERN::VALUE2})?\Z/
+
+    def self.from_set_cookie(request_uri, set_cookie_value)
+      args = {}
+      params=set_cookie_value.split(/;\s*/)
+      params.each do |param|
+        result = PARAM1.match param
+        if (!result) 
+          raise InvalidCookieError.new("Invalid cookie parameter in cookie '#{set_cookie_value}'")
+        end
+        key = result[1].upcase
+        keyvalue = result[2] || result[3]
+        case key
+        when 'EXPIRES'
+          args[:expires_at] = DateTime.parse(keyvalue)
+        when 'DOMAIN'
+          args[:domain] = keyvalue.downcase
+        when 'PATH'
+          args[:path] = keyvalue
+        when 'SECURE'
+          args[:secure] = true
+        when 'HTTPONLY'
+          args[:http_only] = true
+        else
+          args[:name] = result[1]
+          args[:value] = keyvalue
+        end
+      end
+      args[:version] = 0
+      Cookie.new(request_uri, args)
+    end
+  
+    def to_s
+      %Q^#{name}=#{value}#{if(domain) then "; domain=#{domain}" end}#{if (expiry) then "; expiry=#{expiry}" end}#{if (path) then "; path=#{path}" end}#{if (secure) then "; secure" end }#{if (http_only) then "; HTTPOnly" end}^
+    end  
+  end
+end

data/lib/cookiejar/cookie_common.rb

@@ -0,0 +1,4 @@
+module CookieJar
+  class CookieError < StandardError; end
+  class InvalidCookieError < CookieError; end
+end

data/lib/cookiejar/cookie_logic.rb

@@ -0,0 +1,202 @@
+require 'uri'
+require 'cookiejar/cookie_common'
+
+module CookieJar
+  module CookieLogic
+    module PATTERN
+      include URI::REGEXP::PATTERN
+
+      TOKEN = '[^(),\/<>@;:\\\"\[\]?={}\s]*'
+      VALUE1 = "([^;]*)"
+      IPADDR = "#{IPV4ADDR}|#{IPV6ADDR}"
+      BASE_HOSTNAME = "(?:#{DOMLABEL}\\.)((?:(?:#{DOMLABEL}\\.)+(?:#{TOPLABEL}\\.?)|local))"
+
+      # QUOTED_PAIR = "\\\\[\\x00-\\x7F]"
+      # LWS = "\\r\\n(?:[ \\t]+)"
+      # TEXT="[\\t\\x20-\\x7E\\x80-\\xFF]|(?:#{LWS})"
+      # QDTEXT="[\\t\\x20-\\x21\\x23-\\x7E\\x80-\\xFF]|(?:#{LWS})"
+      # QUOTED_TEXT = "\\\"((?:#{QDTEXT}|#{QUOTED_PAIR})*)\\\""
+      # VALUE2 = "(#{TOKEN})|#{QUOTED_TEXT}"
+
+    end
+    BASE_HOSTNAME = /#{PATTERN::BASE_HOSTNAME}/
+    BASE_PATH = /\A((?:[^\/?#]*\/)*)/
+    IPADDR = /\A#{PATTERN::IPADDR}\Z/
+    # HDN = /\A#{PATTERN::HOSTNAME}\Z/
+    # TOKEN = /\A#{PATTERN::TOKEN}\Z/
+    # TWO_DOT_DOMAINS = /\A\.(com|edu|net|mil|gov|int|org)\Z/
+  
+    # Compute the effective host (RFC 2965, section 1)
+    # [host] a string or URI.
+    #
+    # Has the added additional logic of searching for interior dots specifically, and
+    # matches colons to prevent .local being suffixed on IPv6 addresses
+    def effective_host(host)
+      hostname = host.is_a?(URI) ? host.host : host
+      hostname = hostname.downcase
+    
+      if /.(?:[\.:])./.match(hostname)
+        hostname
+      else
+        hostname + '.local'
+      end
+    end
+  
+    # Processes cookie domain data using the following rules:
+    # Domains strings of the form .foo.com match 'foo.com' and all immediate
+    # subdomains of 'foo.com'. Domain strings specified of the form 'foo.com' are
+    # modified to '.foo.com', and as such will still apply to subdomains.
+    #
+    # Cookies without an explicit domain will have their domain value taken directly
+    # from the URL, and will _NOT_ have any leading dot applied. For example, a request
+    # to http://foo.com/ will cause an entry for 'foo.com' to be created - which applies
+    # to foo.com but no subdomain.
+    #
+    # Note that this will not attempt to detect a mismatch of the request uri domain
+    # and explicitly specified cookie domain
+    def determine_cookie_domain (request_uri, cookie_domain)
+      uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+      domain = cookie_domain.is_a?(Cookie) ? cookie_domain.domain : cookie_domain
+    
+      if domain == nil || domain.empty?
+        domain = effective_host(uri.host)
+      else
+        domain = domain.downcase
+        if (domain =~ IPADDR || domain.start_with?('.'))
+          domain
+        else
+          ".#{domain}" 
+        end
+      end
+    end
+
+    # Processes cookie path data using the following rules:
+    # Paths are separated by '/' characters, and accepted values are truncated
+    # to the last '/' character. If no path is specified in the cookie, a path
+    # value will be taken from the request URI which was used for the site.
+    #
+    # Note that this will not attempt to detect a mismatch of the request uri domain
+    # and explicitly specified cookie path
+    def determine_cookie_path(request_uri, cookie_path)
+      uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+      cookie_path = cookie_path.is_a?(Cookie) ? cookie_path.path : cookie_path
+    
+      if (cookie_path == nil || cookie_path.empty?)
+        cookie_path = cookie_base_path uri.path
+      end
+      cookie_path
+    end
+
+    # Compute the reach of a hostname (RFC 2965, section 1)
+    # Determines the next highest superdomain, or nil if none valid
+    def hostname_reach hostname
+      host = hostname.is_a?(URI) ? hostname.host : hostname
+      BASE_HOSTNAME.match(host) && $~[1] || nil
+    end
+
+    # Compute the base of a path.   
+    def cookie_base_path(path)
+      path = path.is_a?(URI) ? path.path : path
+      BASE_PATH.match(path)[1]
+    end
+  
+    # Compare a base domain against the base domain to see if they match, or
+    # if the base domain is reachable
+    def domains_match tested_domain,base_domain
+      return true if (tested_domain == base_domain || ".#{tested_domain}" == base_domain)
+      lhs = effective_host tested_domain
+      rhs = effective_host base_domain
+      lhs == rhs || ".#{lhs}" == rhs || hostname_reach(lhs) == rhs || ".#{hostname_reach lhs}" == rhs
+    end
+
+    # Check whether a cookie meets all of the rules to be created, based on 
+    # its internal settings and the URI it came from.
+    #
+    # returns true on success, but will raise an InvalidCookieError on failure
+    # with an appropriate error message
+    def validate_cookie request_uri, cookie
+      uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+    
+      request_host = effective_host uri.host
+      request_path = uri.path
+      request_secure = (uri.scheme == 'https')
+      cookie_host = cookie.domain
+      cookie_path = cookie.path
+    
+      # From RFC 2965, Section 3.3.2 Rejecting Cookies
+    
+      # A user agent rejects (SHALL NOT store its information) if the 
+      # Version attribute is missing. Note that the legacy Set-Cookie
+      # directive will result in an implicit version 0.
+      unless cookie.version
+        raise InvalidCookieError, "Cookie version not supplied (or implicit with Set-Cookie)"
+      end
+
+      # The value for the Path attribute is not a prefix of the request-URI
+      unless request_path.start_with? cookie_path 
+        raise InvalidCookieError, "Cookie path should match or be a subset of the request path"
+      end
+
+      # The value for the Domain attribute contains no embedded dots, and the value is not .local
+      # Note: we also allow IPv4 and IPv6 addresses
+      unless cookie_host =~ IPADDR || cookie_host =~ /.\../ || cookie_host == '.local'
+        raise InvalidCookieError, "Cookie domain format is not legal"
+      end
+    
+      # The effective host name that derives from the request-host does
+      # not domain-match the Domain attribute.
+      #
+      # The request-host is a HDN (not IP address) and has the form HD,
+      # where D is the value of the Domain attribute, and H is a string
+      # that contains one or more dots.
+      effective_host = effective_host uri
+      unless domains_match effective_host, cookie_host
+        raise InvalidCookieError, "Cookie domain is inappropriate based on request hostname"
+      end
+    
+      # The Port attribute has a "port-list", and the request-port was
+      # not in the list.
+      if cookie.port.to_a.length != 0
+        unless cookie.port.to_a.find_index uri.port
+          raise InvalidCookieError, "incoming request port does not match cookie port(s)"
+        end
+      end
+    
+      # Note: 'secure' is not explicitly defined as an SSL channel, and no
+      # test is defined around validity and the 'secure' attribute
+      true
+    end
+  
+    # Given a URI, compute the relevant search domains for pre-existing
+    # cookies. This includes all the valid dotted forms for a named or IP
+    # domains.
+    def compute_search_domains request_uri
+      uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+      host = effective_host uri
+      result = [host]
+      if (host !~ IPADDR)
+        result << ".#{host}"
+      end
+      base = hostname_reach host
+      if (base)
+        result << ".#{base}"
+      end
+      result
+    end
+    
+    # Return true if (given a URI, a cookie object and other options) a cookie
+    # should be sent to a host. Note that this currently ignores domain.
+    #
+    # The third option, 'script', indicates that cookies with the 'http only'
+    # extension should be ignored
+    def send_cookie? uri, cookie, script
+      # cookie path must start with the uri, it must not be a secure cookie being sent over http,
+      # and it must not be a http_only cookie sent to a script
+      path_match   = uri.path.start_with? cookie.path
+      secure_match = !(cookie.secure && uri.scheme == 'http') 
+      script_match = !(script && cookie.http_only)
+      expiry_match = cookie.expires_at.nil? || cookie.expires_at > Time.now
+      path_match && secure_match && script_match && expiry_match
+    end
+  end
+end

data/lib/cookiejar/jar.rb

@@ -0,0 +1,125 @@
+require 'cookiejar/cookie_logic'
+
+# A cookie store for client side usage. 
+# - Enforces cookie validity rules
+# - Returns just the cookies valid for a given URI
+# - Handles expiration of cookies
+# - Allows for persistence of cookie data (with or without sessoin) 
+#
+#--
+# Internal format:
+# 
+# Internally, the data structure is a set of nested hashes.
+# Domain Level:
+# At the domain level, the hashes are of individual domains,
+# down-cased and without any leading period. For instance, imagine cookies
+# for .foo.com, .bar.com, and .auth.bar.com:
+#
+# { 
+#   "foo.com"      : <host data>,
+#   "bar.com"      : <host data>,
+#   "auth.bar.com" : <host data>
+# }
+# Lookups are done both for the matching entry, and for an entry without
+# the first segment up to the dot, ie. for /^\.?[^\.]+\.(.*)$/.
+# A lookup of auth.bar.com would match both bar.com and 
+# auth.bar.com, but not entries for com or www.auth.bar.com.
+#
+# Host Level:
+# Entries are in an hash, with keys of the path and values of a hash of
+# cookie names to cookie object
+#
+# {
+#   "/" : {"session" : <Cookie>, "cart_id" : <Cookie>}
+#   "/protected" : {"authentication" : <Cookie>}
+# }
+#
+# Paths are given a straight prefix string comparison to match.
+# Further filters <secure, http only, ports> are not represented in this
+# heirarchy. 
+#
+# Cookies returned are ordered solely by specificity (length) of the
+# path. 
+module CookieJar
+  class Jar
+    include CookieLogic
+    def initialize
+  	  @domains = {}
+    end
+    
+    # Given a request URI and a literal Set-Cookie header value, attempt to
+    # add the cookie to the cookie store.
+    # 
+    # returns the Cookie object on success, otherwise raises an 
+    # InvalidCookieError
+    def set_cookie request_uri, cookie_header_value
+    	uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+    	host = effective_host uri
+    	cookie = Cookie.from_set_cookie(uri, cookie_header_value)
+    	if (validate_cookie uri, cookie)
+    	  domain_paths = find_or_add_domain_for_cookie(cookie.domain)
+    	  add_cookie_to_path(domain_paths,cookie)
+    	  cookie
+    	end
+    end
+    
+    # Given a request URI, return a sorted list of Cookie objects. Cookies
+    # will be in order per RFC 2965 - sorted by longest path length, but
+    # otherwise unordered.
+    #
+    # optional arguments are 
+    # - :script - if set, cookies set to be HTTP-only will be ignored
+    def get_cookies request_uri, args = {}
+  	  uri = request_uri.is_a?(URI)? request_uri : URI.parse(request_uri)
+    	hosts = compute_search_domains uri
+	
+    	results = []
+    	hosts.each do |host|
+    	  domain = find_domain_for_cookie host
+    	  domain.each do |path, cookies|
+    		  if uri.path.start_with? path
+      		  results += cookies.select do |name, cookie|
+        			send_cookie? uri, cookie, args[:script]
+        		end.collect do |name, cookie|
+        			cookie
+        		end            
+        	end
+      	end
+      end
+    	#Sort by path length, longest first
+    	results.sort do |lhs, rhs|
+    	  rhs.path.length <=> lhs.path.length
+    	end
+    end
+    
+    # Given a request URI, return a sorted array of Cookie headers, in the 
+    # format ['Cookie', '<Header Value>']. Cookies will be in order per 
+    # RFC 2965 - sorted by longest path length, but otherwise unordered.
+    #
+    # optional arguments are 
+    # - :script - if set, cookies set to be HTTP-only will be ignored    
+    def get_cookie_headers request_uri, args = {}
+    	cookies = get_cookies request_uri, args
+    	cookies.map do |cookie|
+    	  ['Cookie', "#{cookie.name}=#{cookie.value}"]
+    	end
+    end
+
+  protected  
+
+    def find_domain_for_cookie domain
+    	domain = effective_host domain
+    	@domains[domain] || {}
+    end
+
+    def find_or_add_domain_for_cookie(domain)
+    	domain = effective_host domain
+    	@domains[domain] ||= {}
+    end
+	
+    def add_cookie_to_path (paths, cookie)
+    	path_entry = (paths[cookie.path] ||= {})
+    	path_entry[cookie.name] = cookie
+    end
+  end
+end

data/lib/cookiejar.rb

@@ -0,0 +1,2 @@
+require 'cookiejar/cookie'
+require 'cookiejar/jar'

data/test/cookie_logic_test.rb

@@ -0,0 +1,236 @@
+require 'cookiejar'
+require 'cookiejar/cookie_logic'
+include CookieJar
+
+describe CookieLogic do
+  include CookieLogic
+  
+  describe ".effective_host" do
+    it "should leave proper domains the same" do
+      ['google.com', 'www.google.com', 'google.com.'].each do |value|
+        effective_host(value).should == value
+      end
+    end
+    it "should handle a URI object" do
+      effective_host(URI.parse('http://example.com/')).should == 'example.com'
+    end	
+    it "should add a local suffix on unqualified hosts" do
+      effective_host('localhost').should == 'localhost.local'
+    end
+    it "should leave IPv4 addresses alone" do
+      effective_host('127.0.0.1').should == '127.0.0.1'
+    end
+    it "should leave IPv6 addresses alone" do
+      ['2001:db8:85a3::8a2e:370:7334', ':ffff:192.0.2.128'].each do |value|
+        effective_host(value).should == value
+      end
+    end
+    it "should lowercase addresses" do
+      effective_host('FOO.COM').should == 'foo.com'
+    end
+  end
+  
+  describe '.hostname_reach' do
+    it "should find the next highest subdomain" do
+      {'www.google.com' => 'google.com', 'auth.corp.companyx.com' => 'corp.companyx.com'}.each do |entry|
+        hostname_reach(entry[0]).should == entry[1]
+      end
+    end
+    it "should handle domains with suffixed dots" do
+      hostname_reach('www.google.com.').should == 'google.com.'
+    end
+    it "should return nil for a root domain" do
+      hostname_reach('github.com').should be_nil
+    end
+    it "should return 'local' for a local domain" do
+      ['foo.local', 'foo.local.'].each do |hostname|
+        hostname_reach(hostname).should == 'local'
+      end
+    end
+    it "should return nil for an IPv4 address" do
+      hostname_reach('127.0.0.1').should be_nil
+    end
+    it "should return nil for IPv6 addresses" do
+      ['2001:db8:85a3::8a2e:370:7334', '::ffff:192.0.2.128'].each do |value|
+        hostname_reach(value).should be_nil
+      end
+    end
+  end
+
+  describe '.cookie_base_path' do
+    it "should leave '/' alone" do
+      cookie_base_path('/').should == '/'
+    end
+    it "should strip off everything after the last '/'" do
+      cookie_base_path('/foo/bar/baz').should == '/foo/bar/'
+    end
+    it "should handle query parameters and fragments with slashes" do
+      cookie_base_path('/foo/bar?query=a/b/c#fragment/b/c').should == '/foo/'
+    end
+    it "should handle URI objects" do
+      cookie_base_path(URI.parse('http://www.foo.com/bar/')).should == '/bar/'
+    end
+    it "should preserve case" do
+      cookie_base_path("/BaR/").should == '/BaR/'
+    end
+  end
+  
+  describe '.determine_cookie_domain' do
+    it "should add a dot to the front of domains" do
+      determine_cookie_domain('http://foo.com/', 'foo.com').should == '.foo.com'
+    end
+    it "should not add a second dot if one present" do
+      determine_cookie_domain('http://foo.com/', '.foo.com').should == '.foo.com'
+    end
+    it "should handle Cookie objects" do
+      c = Cookie.from_set_cookie('http://foo.com/', "foo=bar;domain=foo.com")
+      determine_cookie_domain('http://foo.com/', c).should == '.foo.com'
+    end
+    it "should handle URI objects" do
+      determine_cookie_domain(URI.parse('http://foo.com/'), '.foo.com').should == '.foo.com'
+    end
+    it "should use an exact hostname when no domain specified" do
+      determine_cookie_domain('http://foo.com/', '').should == 'foo.com'
+    end
+    it "should leave IPv4 addresses alone" do
+      determine_cookie_domain('http://127.0.0.1/', '127.0.0.1').should == '127.0.0.1'
+    end
+    it "should leave IPv6 addresses alone" do
+      ['2001:db8:85a3::8a2e:370:7334', '::ffff:192.0.2.128'].each do |value|
+        determine_cookie_domain("http://[#{value}]/", value).should == value
+      end
+    end
+  end
+  describe '.determine_cookie_path' do
+    it "should use the requested path when none is specified for the cookie" do
+      determine_cookie_path('http://foo.com/', nil).should == '/'
+      determine_cookie_path('http://foo.com/bar/baz', '').should == '/bar/'
+    end
+    it "should handle URI objects" do
+      determine_cookie_path(URI.parse('http://foo.com/bar/'), '').should == '/bar/'
+    end
+    it "should handle Cookie objects" do
+      cookie = Cookie.from_set_cookie('http://foo.com/', "name=value;path=/")
+      determine_cookie_path('http://foo.com/', cookie).should == '/'
+    end
+    it "should ignore the request when a path is specified" do
+      determine_cookie_path('http://foo.com/ignorable/path', '/path/').should == '/path/'
+    end
+  end
+  describe '.domains_match' do
+    it "should handle exact matches" do
+      domains_match('foo', 'foo').should be_true
+      domains_match('foo.com', 'foo.com').should be_true
+      domains_match('127.0.0.1', '127.0.0.1').should be_true
+      domains_match('::ffff:192.0.2.128', '::ffff:192.0.2.128').should be_true
+    end
+    it "should handle matching a superdomain" do
+      domains_match('auth.foo.com', 'foo.com').should be_true
+      domains_match('x.y.z.foo.com', 'y.z.foo.com').should be_true
+    end
+    it "should not match superdomains, or illegal domains" do
+      domains_match('x.y.z.foo.com', 'z.foo.com').should be_false
+      domains_match('foo.com', 'com').should be_false
+    end
+    it "should not match domains with and without a dot suffix together" do
+      domains_match('foo.com.', 'foo.com').should be_false
+    end
+  end
+  describe '.validate_cookie' do
+    localaddr = 'http://localhost/foo/bar/'
+    it "should fail if version unset" do
+      unversioned = Cookie.new localaddr, :name => 'foo', :value => 'bar', :version => nil
+      lambda do
+        validate_cookie localaddr, unversioned
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail if the path is more specific" do
+      subdirred = Cookie.new localaddr, :name => 'foo', :value => 'bar', :version => 0, :path => '/foo/bar/baz'
+      lambda do
+        validate_cookie localaddr, subdirred
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail if the path is different than the request" do
+      difdirred = Cookie.new localaddr, :name => 'foo', :value => 'bar', :version => 0, :path => '/baz/'
+      lambda do
+        validate_cookie localaddr, difdirred
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail if the domain has no dots" do
+      nodot = Cookie.new 'http://zero/', :name => 'foo', :value => 'bar', :version => 0, :domain => 'zero'
+      lambda do
+        validate_cookie 'http://zero/', nodot
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail for explicit localhost" do
+      localhost = Cookie.new localaddr, :name => 'foo', :value => 'bar', :version => 0, :domain => 'localhost'
+      lambda do
+        validate_cookie localaddr, localhost
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail for mismatched domains" do
+      foobar = Cookie.new 'http://www.foo.com/', :name => 'foo', :value => 'bar', :version => 0, :domain => 'bar.com'
+      lambda do
+        validate_cookie 'http://www.foo.com/', foobar
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail for domains more than one level up" do
+      xyz = Cookie.new 'http://x.y.z.com/', :name => 'foo', :value => 'bar', :version => 0, :domain => 'z.com'
+      lambda do
+        validate_cookie 'http://x.y.z.com/', xyz
+      end.should raise_error InvalidCookieError
+    end
+    it "should fail for setting subdomain cookies" do
+      subdomain = Cookie.new 'http://foo.com/', :name => 'foo', :value => 'bar', :version => 0, :domain => 'auth.foo.com'
+      lambda do
+        validate_cookie 'http://foo.com/', subdomain
+      end.should raise_error InvalidCookieError
+    end
+    it "should handle a normal implicit internet cookie" do
+      normal = Cookie.new 'http://foo.com/', :name => 'foo', :value => 'bar', :version => 0
+      validate_cookie('http://foo.com/', normal).should be_true
+    end
+    it "should handle a normal implicit localhost cookie" do
+      localhost = Cookie.new 'http://localhost/', :name => 'foo', :value => 'bar', :version => 0
+      validate_cookie('http://localhost/', localhost).should be_true
+    end
+    it "should handle an implicit IP address cookie" do
+      ipaddr =  Cookie.new 'http://127.0.0.1/', :name => 'foo', :value => 'bar', :version => 0
+      validate_cookie('http://127.0.0.1/', ipaddr).should be_true
+    end
+    it "should handle an explicit domain on an internet site" do
+      explicit = Cookie.new 'http://foo.com/', :name => 'foo', :value => 'bar', :version => 0, :domain => '.foo.com'
+      validate_cookie('http://foo.com/', explicit).should be_true
+    end
+    it "should handle setting a cookie explicitly on a superdomain" do
+      superdomain = Cookie.new 'http://auth.foo.com/', :name => 'foo', :value => 'bar', :version => 0, :domain => '.foo.com'
+      validate_cookie('http://foo.com/', superdomain).should be_true
+    end
+    it "should handle explicitly setting a cookie" do
+      explicit = Cookie.new 'http://foo.com/bar/', :name => 'foo', :value => 'bar', :version => 0, :path => '/bar/'
+      validate_cookie('http://foo.com/bar/', explicit)
+    end
+    it "should handle setting a cookie on a higher path" do
+      higher = Cookie.new 'http://foo.com/bar/baz/', :name => 'foo', :value => 'bar', :version => 0, :path => '/bar/'
+      validate_cookie('http://foo.com/bar/baz/', higher)
+    end
+  end
+  describe '.compute_search_domains' do
+    it "should handle subdomains" do
+      compute_search_domains('http://www.auth.foo.com/').should ==
+       ['www.auth.foo.com', '.www.auth.foo.com', '.auth.foo.com']
+    end
+    it "should handle root domains" do
+      compute_search_domains('http://foo.com/').should ==
+      ['foo.com', '.foo.com']
+    end
+    it "should handle IP addresses" do
+      compute_search_domains('http://127.0.0.1/').should ==
+      ['127.0.0.1']
+    end
+    it "should handle local addresses" do
+      compute_search_domains('http://zero/').should == 
+      ['zero.local', '.zero.local', '.local']
+    end
+  end
+end

data/test/cookie_test.rb

@@ -0,0 +1,24 @@
+require 'cookiejar'
+include CookieJar
+
+NETSCAPE_SPEC_SET_COOKIE_HEADERS =
+['CUSTOMER=WILE_E_COYOTE; path=/; expires=Wednesday, 09-Nov-99 23:12:40 GMT',
+ 'PART_NUMBER=ROCKET_LAUNCHER_0001; path=/',
+ 'SHIPPING=FEDEX; path=/foo',
+ 'PART_NUMBER=ROCKET_LAUNCHER_0001; path=/',
+ 'PART_NUMBER=RIDING_ROCKET_0023; path=/ammo']
+ 
+describe Cookie do
+  describe "#from_set_cookie" do
+    it "should handle cookies from the netscape spec" do
+      NETSCAPE_SPEC_SET_COOKIE_HEADERS.each do |header|
+        cookie = Cookie.from_set_cookie 'http://localhost', header
+      end
+    end
+    it "should give back the input names and values" do
+      cookie = Cookie.from_set_cookie 'http://localhost/', 'foo=bar'
+      cookie.name.should == 'foo'
+      cookie.value.should == 'bar'
+    end
+  end
+end

data/test/jar_test.rb

@@ -0,0 +1,54 @@
+require 'cookiejar'
+require 'yaml'
+include CookieJar
+
+describe Jar do
+  describe '.setCookie' do
+    it "should allow me to set a cookie" do
+      jar = Jar.new 
+      jar.set_cookie 'http://foo.com/', 'foo=bar'
+    end
+    it "should allow me to set multiple cookies" do
+      jar = Jar.new 
+      jar.set_cookie 'http://foo.com/', 'foo=bar'
+      jar.set_cookie 'http://foo.com/', 'bar=baz'
+      jar.set_cookie 'http://auth.foo.com/', 'foo=bar'
+      jar.set_cookie 'http://auth.foo.com/', 'auth=135121...;domain=foo.com'    
+    end
+  end
+  describe '.get_cookies' do
+    it "should let me read back cookies which are set" do
+      jar = Jar.new 
+      jar.set_cookie 'http://foo.com/', 'foo=bar'
+      jar.set_cookie 'http://foo.com/', 'bar=baz'
+      jar.set_cookie 'http://auth.foo.com/', 'foo=bar'
+      jar.set_cookie 'http://auth.foo.com/', 'auth=135121...;domain=foo.com'
+      jar.get_cookies('http://foo.com/').should have(3).items
+    end
+    it "should return cookies longest path first" do
+      jar = Jar.new
+      uri = 'http://foo.com/a/b/c/d' 
+      jar.set_cookie uri, 'a=bar'
+      jar.set_cookie uri, 'b=baz;path=/a/b/c/d'
+      jar.set_cookie uri, 'c=bar;path=/a/b'
+      jar.set_cookie uri, 'd=bar;path=/a/'
+      cookies = jar.get_cookies(uri)
+      cookies.should have(4).items
+      cookies[0].name.should == 'b'
+      cookies[1].name.should == 'a'
+      cookies[2].name.should == 'c'
+      cookies[3].name.should == 'd'
+    end
+  end
+  describe '.get_cookie_headers' do
+    it "should return cookie headers" do
+      jar = Jar.new
+      uri = 'http://foo.com/a/b/c/d' 
+      jar.set_cookie uri, 'a=bar'
+      jar.set_cookie uri, 'b=baz;path=/a/b/c/d'
+      cookie_headers = jar.get_cookie_headers uri
+      cookie_headers.should have(2).items
+      cookie_headers.should == [['Cookie', 'b=baz'],['Cookie', 'a=bar']]
+    end
+  end
+end

metadata

@@ -0,0 +1,61 @@
+--- !ruby/object:Gem::Specification 
+name: dwaite-cookiejar
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- David Waite
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-09-07 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: Allows for parsing and returning cookies in Ruby HTTP client code
+email: david@alkaline-solutions.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- lib/cookiejar/cookie.rb
+- lib/cookiejar/cookie_common.rb
+- lib/cookiejar/cookie_logic.rb
+- lib/cookiejar/jar.rb
+- lib/cookiejar.rb
+- test/cookie_logic_test.rb
+- test/cookie_test.rb
+- test/jar_test.rb
+has_rdoc: false
+homepage: http://alkaline-solutions.com
+post_install_message: 
+rdoc_options: 
+- --title
+- CookieJar -- Client-side HTTP Cookies
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 3
+summary: Client-side HTTP Cookie library
+test_files: []
+