http-cookie 0.1.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in http-cookie.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,24 @@
+Copyright (c) 2013 Akinori MUSHA
+Copyright (c) 2011-2012 Akinori MUSHA, Eric Hodel
+Copyright (c) 2006-2011 Aaron Patterson, Mike Dalessio
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,139 @@
+# HTTP::Cookie
+
+`HTTP::Cookie` is a ruby library to handle HTTP cookies in a way both
+compliant with RFCs and compatible with today's major browsers.
+
+It was originally a part of the
+[Mechanize](https://github.com/sparklemotion/mechanize) library,
+separated as an independent library in the hope of serving as a common
+component that is reusable from any HTTP related piece of software.
+
+## Installation
+
+Add this line to your application's `Gemfile`:
+
+    gem 'http-cookie'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install http-cookie
+
+## Usage
+
+    ########################
+    # Client side example
+    ########################
+
+    # Initialize a cookie jar
+    jar = HTTP::CookieJar.new
+
+    # Load from a file
+    jar.load(filename) if File.exist?(filename)
+
+    # Store received cookies
+    HTTP::Cookie.parse(set_cookie_header_value, origin: uri) { |cookie|
+      jar << cookie
+    }
+
+    # Get the value for the Cookie field of a request header
+    cookie_header_value = jar.cookies(uri).join(', ')
+
+    # Save to a file
+    jar.save(filename)
+
+
+    ########################
+    # Server side example
+    ########################
+
+    # Generate a cookie
+    cookies = HTTP::Cookie.new("uid", "a12345", domain: 'example.org',
+                                                for_domain: true,
+                                                path: '/',
+                                                max_age: 7*86400)
+
+    # Get the value for the Set-Cookie field of a response header
+    set_cookie_header_value = cookies.set_cookie_value(my_url)
+
+
+## Incompatibilities with `Mechanize::Cookie`/`CookieJar`
+
+There are several incompatibilities between
+`Mechanize::Cookie`/`CookieJar` and `HTTP::Cookie`/`CookieJar`.  Below
+is how to rewrite existing code written for `Mechanize::Cookie` with
+equivalent using `HTTP::Cookie`:
+
+- `Mechanize::Cookie.parse`
+
+        # before
+        cookie1 = Mechanize::Cookie.parse(uri, set_cookie1)
+        cookie2 = Mechanize::Cookie.parse(uri, set_cookie2, log)
+
+        # after
+        cookie1 = HTTP::Cookie.parse(set_cookie1, :origin => uri)
+        cookie2 = HTTP::Cookie.parse(set_cookie2, :origin => uri, :logger => log)
+
+- `Mechanize::Cookie#set_domain`
+
+        # before
+        cookie.set_domain(domain)
+
+        # after
+        cookie.domain = domain
+
+- `Mechanize::CookieJar#add`, `#add!`
+
+        # before
+        jar.add!(cookie1)
+        jar.add(uri, cookie2)
+
+        # after
+        jar.add(cookie1)
+        cookie2.origin = uri; jar.add(cookie2)  # or specify origin in parse() or new()
+
+- `Mechanize::CookieJar#clear!`
+
+        # before
+        jar.clear!
+
+        # after
+        jar.clear
+
+- `Mechanize::CookieJar#save_as`
+
+        # before
+        jar.save_as(file)
+
+        # after
+        jar.save(file)
+
+`HTTP::Cookie`/`CookieJar` raise runtime errors to help migration, so
+after replacing the class names, try running your test code once to
+find out how to fix your code base.
+
+### File formats
+
+The YAML serialization format has changed, and `HTTP::CookieJar#load`
+cannot import what is written in a YAML file saved by
+`Mechanize::CookieJar#save_as`.  `HTTP::CookieJar#load` will not raise
+an exception if an incompatible YAML file is given, but the content is
+silently ignored.
+
+Note that there is (obviously) no forward compatibillity with this.
+Trying to load a YAML file saved by `HTTP::CookieJar` with
+`Mechanize::CookieJar` will fail in runtime error.
+
+On the other hand, there has been (and will ever be) no change in the
+cookies.txt format, so use it instead if compatibility is required.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,26 @@
+require "bundler/gem_tasks"
+
+if RUBY_VERSION >= '1.9.0'
+  require 'rake/testtask'
+  Rake::TestTask
+else
+  require 'rcov/rcovtask'
+  Rcov::RcovTask
+end.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.ruby_opts << '-r./test/simplecov_start.rb' if !defined?(Rcov)
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = HTTP::Cookie::VERSION
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "http-cookie #{version}"
+  rdoc.rdoc_files.include('lib/**/*.rb')
+  rdoc.rdoc_files.include(Bundler::GemHelper.gemspec.extra_rdoc_files)
+end

data/http-cookie.gemspec

@@ -0,0 +1,29 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'http/cookie/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "http-cookie"
+  gem.version       = HTTP::Cookie::VERSION
+  gem.authors, gem.email = {
+    'Akinori MUSHA'   => 'knu@idaemons.org',
+    'Aaron Patterson' => 'aaronp@rubyforge.org',
+    'Eric Hodel'      => 'drbrain@segment7.net',
+    'Mike Dalessio'   => 'mike.dalessio@gmail.com',
+  }.instance_eval { [keys, values] }
+
+  gem.description   = %q{A Ruby library to handle HTTP Cookies}
+  gem.summary       = %q{A Ruby library to handle HTTP Cookies}
+  gem.homepage      = "https://github.com/sparklemotion/http-cookie"
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_runtime_dependency("domain_name", ["~> 0.5"])
+  gem.add_development_dependency("bundler", [">= 1.2.0"])
+  gem.add_development_dependency("test-unit", [">= 2.4.3"])
+  gem.add_development_dependency("simplecov", [">= 0"])
+end

data/lib/http-cookie.rb

@@ -0,0 +1 @@
+require 'http/cookie'

data/lib/http/cookie.rb

@@ -0,0 +1,447 @@
+require 'http/cookie/version'
+require 'time'
+require 'webrick/httputils'
+require 'domain_name'
+
+module HTTP
+  autoload :CookieJar, 'http/cookie_jar'
+end
+
+# This class is used to represent an HTTP Cookie.
+class HTTP::Cookie
+  # Maximum number of bytes per cookie (RFC 6265 6.1 requires 4096 at least)
+  MAX_LENGTH = 4096
+  # Maximum number of cookies per domain (RFC 6265 6.1 requires 50 at least)
+  MAX_COOKIES_PER_DOMAIN = 50
+  # Maximum number of cookies total (RFC 6265 6.1 requires 3000 at least)
+  MAX_COOKIES_TOTAL = 3000
+
+  UNIX_EPOCH = Time.at(0)
+
+  PERSISTENT_PROPERTIES = %w[
+    name        value
+    domain      for_domain  path
+    secure      httponly
+    expires     created_at  accessed_at
+  ]
+
+  # In Ruby < 1.9.3 URI() does not accept an URI object.
+  if RUBY_VERSION < "1.9.3"
+    module URIFix
+      def URI(url)
+        url.is_a?(URI) ? url : Kernel::URI(url)
+      end
+      private :URI
+    end
+  end
+
+  if String.respond_to?(:try_convert)
+    def check_string_type(object)
+      String.try_convert(object)
+    end
+    private :check_string_type
+  else
+    def check_string_type(object)
+      if object.is_a?(String) ||
+          (object.respond_to?(:to_str) && (object = object.to_str).is_a?(String))
+        object
+      else
+        nil
+      end
+    end
+    private :check_string_type
+  end
+
+  include URIFix if defined?(URIFix)
+
+  attr_reader :name, :domain, :path, :origin
+  attr_accessor :secure, :httponly, :value, :version
+  attr_reader :domain_name, :expires
+  attr_accessor :comment, :max_age
+
+  attr_accessor :session
+
+  attr_accessor :created_at
+  attr_accessor :accessed_at
+
+  # :call-seq:
+  #     new(name, value)
+  #     new(name, value, attr_hash)
+  #     new(attr_hash)
+  #
+  # Creates a cookie object.  For each key of +attr_hash+, the setter
+  # is called if defined.  Each key can be either a symbol or a
+  # string, downcased or not.
+  #
+  # e.g.
+  #     new("uid", "a12345")
+  #     new("uid", "a12345", :domain => 'example.org',
+  #                          :for_domain => true, :expired => Time.now + 7*86400)
+  #     new("name" => "uid", "value" => "a12345", "Domain" => 'www.example.org')
+  #
+  def initialize(*args)
+    @version = 0     # Netscape Cookie
+
+    @origin = @domain = @path =
+      @secure = @httponly =
+      @expires = @max_age =
+      @comment = nil
+
+    @created_at = @accessed_at = Time.now
+    case args.size
+    when 2
+      self.name, self.value = *args
+      @for_domain = false
+      return
+    when 3
+      self.name, self.value, attr_hash = *args
+    when 1
+      attr_hash = args.first
+    else
+      raise ArgumentError, "wrong number of arguments (#{args.size} for 1-3)"
+    end
+    for_domain = false
+    origin = nil
+    attr_hash.each_pair { |key, val|
+      skey = key.to_s.downcase
+      if skey.sub!(/\?\z/, '')
+        val = val ? true : false
+      end
+      case skey
+      when 'for_domain'
+        for_domain = !!val
+      when 'origin'
+        origin = val
+      else
+        setter = :"#{skey}="
+        send(setter, val) if respond_to?(setter)
+      end
+    }
+    if @name.nil? || @value.nil?
+      raise ArgumentError, "at least name and value must be specified"
+    end
+    @for_domain = for_domain
+    if origin
+      self.origin = origin
+    end
+  end
+
+  # If this flag is true, this cookie will be sent to any host in the
+  # +domain+.  If it is false, this cookie will be sent only to the
+  # host indicated by the +domain+.
+  attr_accessor :for_domain
+  alias for_domain? for_domain
+
+  class << self
+    include URIFix if defined?(URIFix)
+
+    # Normalizes a given path.  If it is empty, the root path '/' is
+    # returned.  If a URI object is given, returns a new URI object
+    # with the path part normalized.
+    def normalize_path(uri)
+      # Currently does not replace // to /
+      case uri
+      when URI
+        uri.path.empty? ? uri + '/' : uri
+      else
+        uri.empty? ? '/' : uri
+      end
+    end
+
+    # Parses a Set-Cookie header value +set_cookie+ into an array of
+    # Cookie objects.  Parts (separated by commas) that are malformed
+    # are ignored.
+    #
+    # If a block is given, each cookie object is passed to the block.
+    #
+    # Available option keywords are below:
+    #
+    # * +origin+
+    #   The cookie's origin URI/URL
+    # * +date+
+    #   The base date used for interpreting Max-Age attribute values
+    #   instead of the current time
+    # * +logger+
+    #   Logger object useful for debugging
+    def parse(set_cookie, options = nil, *_, &block)
+      _.empty? && !options.is_a?(String) or
+        raise ArgumentError, 'HTTP::Cookie equivalent for Mechanize::Cookie.parse(uri, set_cookie[, log]) is HTTP::Cookie.parse(set_cookie, :origin => uri[, :logger => log]).'
+
+      if options
+        logger = options[:logger]
+        origin = options[:origin] and origin = URI(origin)
+        date = options[:date]
+      end
+      date ||= Time.now
+
+      [].tap { |cookies|
+        set_cookie.split(/,(?=[^;,]*=)|,$/).each { |c|
+          if c.bytesize > MAX_LENGTH
+            logger.warn("Cookie definition too long: #{c}") if logger
+            next
+          end
+
+          cookie_elem = c.split(/;+/)
+          first_elem = cookie_elem.shift
+          first_elem.strip!
+          key, value = first_elem.split(/\=/, 2)
+
+          begin
+            cookie = new(key, value.dup)
+          rescue
+            logger.warn("Couldn't parse key/value: #{first_elem}") if logger
+            next
+          end
+
+          cookie_elem.each do |pair|
+            pair.strip!
+            key, value = pair.split(/=/, 2) #/)
+            next unless key
+            value = WEBrick::HTTPUtils.dequote(value.strip) if value
+
+            case key.downcase
+            when 'domain'
+              next unless value && !value.empty?
+              begin
+                cookie.domain = value
+                cookie.for_domain = true
+              rescue
+                logger.warn("Couldn't parse domain: #{value}") if logger
+              end
+            when 'path'
+              next unless value && !value.empty?
+              cookie.path = value
+            when 'expires'
+              next unless value && !value.empty?
+              begin
+                cookie.expires = Time.parse(value)
+              rescue
+                logger.warn("Couldn't parse expires: #{value}") if logger
+              end
+            when 'max-age'
+              next unless value && !value.empty?
+              begin
+                cookie.max_age = Integer(value)
+              rescue
+                logger.warn("Couldn't parse max age '#{value}'") if logger
+              end
+            when 'comment'
+              next unless value
+              cookie.comment = value
+            when 'version'
+              next unless value
+              begin
+                cookie.version = Integer(value)
+              rescue
+                logger.warn("Couldn't parse version '#{value}'") if logger
+                cookie.version = nil
+              end
+            when 'secure'
+              cookie.secure = true
+            when 'httponly'
+              cookie.httponly = true
+            end
+          end
+
+          cookie.secure   ||= false
+          cookie.httponly ||= false
+
+          # RFC 6265 4.1.2.2
+          cookie.expires    = date + cookie.max_age if cookie.max_age
+          cookie.session    = !cookie.expires
+
+          if origin
+            begin
+              cookie.origin = origin
+            rescue => e
+              logger.warn("Invalid cookie for the origin: #{origin} (#{e})") if logger
+              next
+            end
+          end
+
+          yield cookie if block_given?
+
+          cookies << cookie
+        }
+      }
+    end
+  end
+
+  def name=(name)
+    if name.nil? || name.empty?
+      raise ArgumentError, "cookie name cannot be empty"
+    elsif name.match(/[\x00-\x1F=\x7F]/)
+      raise ArgumentError, "cookie name cannot contain a control character or an equal sign"
+    end
+    @name = name
+  end
+
+  # Sets the domain attribute.  A leading dot in +domain+ implies
+  # turning the +for_domain?+ flag on.
+  def domain=(domain)
+    if DomainName === domain
+      @domain_name = domain
+    else
+      domain = check_string_type(domain) or
+        raise TypeError, "#{domain.class} is not a String"
+      if domain.start_with?('.')
+        @for_domain = true
+        domain = domain[1..-1]
+      end
+      # Do we really need to support this?
+      if domain.match(/\A([^:]+):[0-9]+\z/)
+        domain = $1
+      end
+      @domain_name = DomainName.new(domain)
+    end
+    @domain = @domain_name.hostname
+  end
+
+  # Used to exist in Mechanize::CookieJar.  Use #domain=().
+  def set_domain(domain)
+    raise NoMethodError, 'HTTP::Cookie equivalent for Mechanize::CookieJar#set_domain() is #domain=().'
+  end
+
+  def path=(path)
+    @path = HTTP::Cookie.normalize_path(path)
+  end
+
+  def origin=(origin)
+    @origin.nil? or
+      raise ArgumentError, "origin cannot be changed once it is set"
+    origin = URI(origin)
+    self.domain ||= origin.host
+    self.path   ||= (HTTP::Cookie.normalize_path(origin) + './').path
+    acceptable_from_uri?(origin) or
+      raise ArgumentError, "unacceptable cookie sent from URI #{origin}"
+    @origin = origin
+  end
+
+  def expires=(t)
+    case t
+    when nil, Time
+      @expires = t
+    else
+      @expires = Time.parse(t)
+    end
+  end
+
+  def expired?(time = Time.now)
+    return false unless @expires
+    time > @expires
+  end
+
+  def expire
+    @expires = UNIX_EPOCH
+    self
+  end
+
+  alias secure? secure
+  alias httponly? httponly
+  alias session? session
+
+  def acceptable_from_uri?(uri)
+    uri = URI(uri)
+    host = DomainName.new(uri.host)
+
+    # RFC 6265 5.3
+    # When the user agent "receives a cookie":
+    return @domain.nil? || host.hostname == @domain unless @for_domain
+
+    if host.cookie_domain?(@domain_name)
+      true
+    elsif host.hostname == @domain
+      @for_domain = false
+      true
+    else
+      false
+    end
+  end
+
+  def valid_for_uri?(uri)
+    uri = URI(uri)
+    if @domain.nil?
+      raise "cannot tell if this cookie is valid because the domain is unknown"
+    end
+    return false if secure? && uri.scheme != 'https'
+    acceptable_from_uri?(uri) && HTTP::Cookie.normalize_path(uri.path).start_with?(@path)
+  end
+
+  # Returns a string for use in a Cookie header value,
+  # i.e. "name=value".
+  def cookie_value
+    "#{@name}=#{@value}"
+  end
+  alias to_s cookie_value
+
+  # Returns a string for use in a Set-Cookie header value.  If the
+  # cookie does not have an origin set, one must be given from the
+  # argument.
+  #
+  # This method does not check if this cookie will be accepted from
+  # the origin.
+  def set_cookie_value(origin = nil)
+    origin = origin ? URI(origin) : @origin or
+      raise "origin must be specified to produce a value for Set-Cookie"
+
+    string = cookie_value
+    if @for_domain || @domain != DomainName.new(origin.host).hostname
+      string << "; domain=#{@domain}"
+    end
+    if (HTTP::Cookie.normalize_path(origin) + './').path != @path
+      string << "; path=#{@path}"
+    end
+    if expires = @expires
+      string << "; expires=#{@expires.httpdate}"
+    end
+    if comment = @comment
+      string << "; comment=#{@comment}"
+    end
+    if httponly?
+      string << "; HttpOnly"
+    end
+    if secure?
+      string << "; secure"
+    end
+    string
+  end
+
+  # Compares the cookie with another.  When there are many cookies with
+  # the same name for a URL, the value of the smallest must be used.
+  def <=>(other)
+    # RFC 6265 5.4
+    # Precedence: 1. longer path  2. older creation
+    (@name <=> other.name).nonzero? ||
+      (other.path.length <=> @path.length).nonzero? ||
+      (@created_at <=> other.created_at).nonzero? ||
+      @value <=> other.value
+  end
+  include Comparable
+
+  # YAML serialization helper for Syck.
+  def to_yaml_properties
+    PERSISTENT_PROPERTIES.map { |name| "@#{name}" }
+  end
+
+  # YAML serialization helper for Psych.
+  def encode_with(coder)
+    PERSISTENT_PROPERTIES.each { |key|
+      coder[key.to_s] = instance_variable_get(:"@#{key}")
+    }
+  end
+
+  # YAML deserialization helper for Syck.
+  def init_with(coder)
+    yaml_initialize(coder.tag, coder.map)
+  end
+
+  # YAML deserialization helper for Psych.
+  def yaml_initialize(tag, map)
+    map.each { |key, value|
+      case key
+      when *PERSISTENT_PROPERTIES
+        send(:"#{key}=", value)
+      end
+    }
+  end
+end