http-cookie 1.0.0.pre8 → 1.0.0.pre9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2ab53e3207db1e30dadbe6f623adece56c2dd9a7
-  data.tar.gz: cc1b6d68f82a1847275e3d16ab122e86d399186d
+  metadata.gz: 53cb4c9e7487abb35fc5566cadc3c2f8afbea819
+  data.tar.gz: dfa1e8393cc3f71df62e55984196046788942c6d
 SHA512:
-  metadata.gz: 308162bbb92376e5140b863141c55501c454fdf676617f018faa4d1098819a4fe9c9ef4b0b2f63423cee7bb862b8a79edde7d914ce940b095544251f49b9018c
-  data.tar.gz: ba8f6855bc6255f2d5729407a299fabba71ae0c1488eefc084cd823a424fbc93c6a34c80ccfb36e1b1830a18fcc1d31b4108f4e89d136dd84a443ca967162498
+  metadata.gz: 8e232e6d966c1fb49b9e7e6ab50456b955d4b377962f71d570531aa622200ef94031ec602bddea8d2c475e51b20240c85306ff6dc9b874c27453acacaf0ae9cd
+  data.tar.gz: 188e45b944168d04516707ad503710b938acae9f50a50d61d3351e6e12e936fba53cc0ce26e7ee80b370e18809df95e91160f12ef4c73d760ad4202a8eaa9cb6

data/Rakefile

@@ -1,8 +1,8 @@
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'
 require 'rake/testtask'
 
 Rake::TestTask.new(:test) do |test|
-  test.ruby_opts << '-r./test/simplecov_start.rb' if defined?(SimbleCov)
+  test.ruby_opts << '-r./test/simplecov_start.rb' if RUBY_VERSION >= '1.9'
   test.pattern = 'test/**/test_*.rb'
   test.verbose = true
 end

data/lib/http/cookie.rb

@@ -14,7 +14,14 @@ if RUBY_VERSION < "1.9.3"
     URI(URI(''))
   rescue
     def URI(url) # :nodoc:
-      url.is_a?(URI) ? url : URI.parse(url)
+      case url
+      when URI
+        url
+      when String
+        URI.parse(url)
+      else
+        raise ArgumentError, 'bad argument (expected URI object or URI string)'
+      end
     end
   end
 end
@@ -102,7 +109,10 @@ class HTTP::Cookie
   # The origin of the cookie.
   #
   # Setting this will initialize the #domain and #path attribute
-  # values if unknown yet.
+  # values if unknown yet.  If the cookie already has a domain value
+  # set, it is checked against the origin URL to see if the origin is
+  # allowed to issue a cookie of the domain, and ArgumentError is
+  # raised if the check fails.
   #
   # :attr_accessor: origin
 
@@ -310,14 +320,9 @@ class HTTP::Cookie
             end
           }
 
-          if origin
-            begin
-              cookie.origin = origin
-            rescue => e
-              logger.warn("Invalid cookie for the origin: #{origin} (#{e})") if logger
-              next
-            end
-          end
+          cookie.origin = origin
+
+          cookie.acceptable? or next
 
           yield cookie if block_given?
 
@@ -363,15 +368,28 @@ class HTTP::Cookie
 
   # See #domain.
   def domain=(domain)
-    if DomainName === domain
+    case domain
+    when nil
+      @for_domain = false
+      if @origin
+        @domain_name = DomainName.new(@origin.host)
+        @domain = @domain_name.hostname
+      else
+        @domain_name = @domain = nil
+      end
+      return nil
+    when DomainName
       @domain_name = domain
     else
       domain = check_string_type(domain) or
         raise TypeError, "#{domain.class} is not a String"
       if domain.start_with?('.')
-        @for_domain = true
+        for_domain = true
         domain = domain[1..-1]
       end
+      if domain.empty?
+        return self.domain = nil
+      end
       # Do we really need to support this?
       if domain.match(/\A([^:]+):[0-9]+\z/)
         domain = $1
@@ -379,8 +397,10 @@ class HTTP::Cookie
       @domain_name = DomainName.new(domain)
     end
     # RFC 6265 5.3 5.
-    if @domain_name.domain.nil? # a public suffix or IP address
+    if domain_name.domain.nil? # a public suffix or IP address
       @for_domain = false
+    else
+      @for_domain = for_domain unless for_domain.nil?
     end
     @domain = @domain_name.hostname
   end
@@ -419,10 +439,10 @@ class HTTP::Cookie
     @origin.nil? or
       raise ArgumentError, "origin cannot be changed once it is set"
     origin = URI(origin)
-    self.domain ||= origin.host
-    self.path   ||= (origin + './').path
-    acceptable_from_uri?(origin) or
-      raise ArgumentError, "unacceptable cookie sent from URI #{origin}"
+    if URI::HTTP === origin
+      self.domain ||= origin.host
+      self.path   ||= (origin + './').path
+    end
     @origin = origin
   end
 
@@ -514,22 +534,39 @@ class HTTP::Cookie
   attr_accessor :accessed_at
 
   # Tests if it is OK to accept this cookie if it is sent from a given
-  # `uri`.
+  # URI/URL, `uri`.
   def acceptable_from_uri?(uri)
     uri = URI(uri)
     return false unless URI::HTTP === uri && uri.host
     host = DomainName.new(uri.host)
 
     # RFC 6265 5.3
-    return true if host.hostname == @domain
-
-    if @for_domain  # !host-only-flag
+    case
+    when host.hostname == @domain
+      true
+    when @for_domain  # !host-only-flag
       host.cookie_domain?(@domain_name)
     else
       @domain.nil?
     end
   end
 
+  # Tests if it is OK to accept this cookie considering its origin.
+  # If either domain or path is missing, raises ArgumentError.  If
+  # origin is missing, returns true.
+  def acceptable?
+    case
+    when @domain.nil?
+      raise ArgumentError, "domain is missing"
+    when @path.nil?
+      raise ArgumentError, "path is missing"
+    when @origin.nil?
+      true
+    else
+      acceptable_from_uri?(@origin)
+    end
+  end
+
   # Tests if it is OK to send this cookie to a given `uri`.  A runtime
   # error is raised if the cookie's domain is unknown.
   def valid_for_uri?(uri)

data/lib/http/cookie/version.rb

@@ -1,5 +1,5 @@
 module HTTP
   class Cookie
-    VERSION = "1.0.0.pre8"
+    VERSION = "1.0.0.pre9"
   end
 end

data/lib/http/cookie_jar.rb

@@ -45,17 +45,17 @@ class HTTP::CookieJar
     @store = other.instance_eval { @store.dup }
   end
 
-  # Adds a cookie to the jar and return self.  If a given cookie has
-  # no domain or path attribute values and the origin is unknown,
-  # ArgumentError is raised.
+  # Adds a cookie to the jar if it is acceptable, and returns self in
+  # any case.  A given cookie must have domain and path attributes
+  # set, or ArgumentError is raised.
   #
   # ### Compatibility Note for Mechanize::Cookie users
   #
   # In HTTP::Cookie, each cookie object can store its origin URI
   # (cf. #origin).  While the origin URI of a cookie can be set
   # manually by #origin=, one is typically given in its generation.
-  # To be more specific, HTTP::Cookie.new and HTTP::Cookie.parse both
-  # take an :origin option.
+  # To be more specific, HTTP::Cookie.new takes an `:origin` option
+  # and HTTP::Cookie.parse takes one via the second argument.
   #
   #   `HTTP::Cookie.parse`.  Compare these:
   #
@@ -64,14 +64,10 @@ class HTTP::CookieJar
   #       jar.add!(cookie)    # no acceptance check is performed
   #
   #       # HTTP::Cookie
-  #       jar.origin = origin # if it doesn't have one
+  #       jar.origin = origin
   #       jar.add(cookie)     # acceptance check is performed
   def add(cookie)
-    if cookie.domain.nil? || cookie.path.nil?
-      raise ArgumentError, "a cookie with unknown domain or path cannot be added"
-    end
-
-    @store.add(cookie)
+    @store.add(cookie) if cookie.acceptable?
     self
   end
   alias << add
@@ -136,7 +132,11 @@ class HTTP::CookieJar
         yield cookie
       }
     else
-      HTTP::Cookie.parse(set_cookie, origin, options, &method(:add))
+      HTTP::Cookie.parse(set_cookie, origin, options) { |cookie|
+        add(cookie)
+      }
+      # XXX: ruby 1.8 fails to call super from a proc'ized method
+      # HTTP::Cookie.parse(set_cookie, origin, options, &method(:add)
     end
   end
 
@@ -145,8 +145,8 @@ class HTTP::CookieJar
   #   jar.save(filename_or_io, format = :yaml, **options)
   #
   # Saves the cookie jar into a file or an IO in the format specified
-  # and return self.  If a given object responds to #write it is taken
-  # as an IO, or taken as a filename otherwise.
+  # and returns self.  If a given object responds to #write it is
+  # taken as an IO, or taken as a filename otherwise.
   #
   # Available option keywords are below:
   #
@@ -211,8 +211,8 @@ class HTTP::CookieJar
   #   jar.load(filename_or_io, format = :yaml, **options)
   #
   # Loads cookies recorded in a file or an IO in the format specified
-  # into the jar and return self.  If a given object responds to #read
-  # it is taken as an IO, or taken as a filename otherwise.
+  # into the jar and returns self.  If a given object responds to
+  # #read it is taken as an IO, or taken as a filename otherwise.
   #
   # Available option keywords are below:
   #
@@ -264,13 +264,13 @@ class HTTP::CookieJar
     self
   end
 
-  # Clears the cookie jar and return self.
+  # Clears the cookie jar and returns self.
   def clear
     @store.clear
     self
   end
 
-  # Removes expired cookies and return self.
+  # Removes expired cookies and returns self.
   def cleanup(session = false)
     @store.cleanup session
     self

data/test/test_http_cookie.rb

@@ -450,6 +450,9 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal 'key', cookie.name
     assert_equal 'value', cookie.value
     assert_equal nil, cookie.expires
+    assert_raises(ArgumentError) {
+      cookie.acceptable?
+    }
 
     # Minimum unit for the expires attribute is second
     expires = Time.at((Time.now + 3600).to_i)
@@ -458,24 +461,39 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal 'key', cookie.name
     assert_equal 'value', cookie.value
     assert_equal expires, cookie.expires
+    assert_raises(ArgumentError) {
+      cookie.acceptable?
+    }
 
     cookie = HTTP::Cookie.new(:value => 'value', :name => 'key', :expires => expires.dup)
     assert_equal 'key', cookie.name
     assert_equal 'value', cookie.value
     assert_equal expires, cookie.expires
     assert_equal false, cookie.for_domain?
+    assert_raises(ArgumentError) {
+      # domain and path are missing
+      cookie.acceptable?
+    }
 
     cookie = HTTP::Cookie.new(:value => 'value', :name => 'key', :expires => expires.dup, :domain => '.example.com')
     assert_equal 'key', cookie.name
     assert_equal 'value', cookie.value
     assert_equal expires, cookie.expires
     assert_equal true, cookie.for_domain?
+    assert_raises(ArgumentError) {
+      # path is missing
+      cookie.acceptable?
+    }
 
     cookie = HTTP::Cookie.new(:value => 'value', :name => 'key', :expires => expires.dup, :domain => 'example.com', :for_domain => false)
     assert_equal 'key', cookie.name
     assert_equal 'value', cookie.value
     assert_equal expires, cookie.expires
     assert_equal false, cookie.for_domain?
+    assert_raises(ArgumentError) {
+      # path is missing
+      cookie.acceptable?
+    }
 
     cookie = HTTP::Cookie.new(:value => 'value', :name => 'key', :expires => expires.dup, :domain => 'example.org', :for_domain? => true)
     assert_equal 'key', cookie.name
@@ -483,6 +501,10 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal expires, cookie.expires
     assert_equal 'example.org', cookie.domain
     assert_equal true, cookie.for_domain?
+    assert_raises(ArgumentError) {
+      # path is missing
+      cookie.acceptable?
+    }
 
     assert_raises(ArgumentError) { HTTP::Cookie.new(:name => 'name') }
     assert_raises(ArgumentError) { HTTP::Cookie.new(:value => 'value') }
@@ -588,33 +610,49 @@ class TestHTTPCookie < Test::Unit::TestCase
       HTTP::Cookie.new(cookie_values(:value => 'bar')))
   end
 
-  def test_new_rejects_cookies_that_do_not_contain_an_embedded_dot
+  def test_new_tld_domain
     url = URI 'http://rubyforge.org/'
 
-    assert_raises(ArgumentError) {
-      tld_cookie = HTTP::Cookie.new(cookie_values(:domain => '.org', :origin => url))
-    }
-    assert_raises(ArgumentError) {
-      single_dot_cookie = HTTP::Cookie.new(cookie_values(:domain => '.', :origin => url))
-    }
+    tld_cookie1 = HTTP::Cookie.new(cookie_values(:domain => 'org', :origin => url))
+    assert_equal false, tld_cookie1.for_domain?
+    assert_equal 'org', tld_cookie1.domain
+    assert_equal false, tld_cookie1.acceptable?
+
+    tld_cookie2 = HTTP::Cookie.new(cookie_values(:domain => '.org', :origin => url))
+    assert_equal false, tld_cookie1.for_domain?
+    assert_equal 'org', tld_cookie2.domain
+    assert_equal false, tld_cookie2.acceptable?
+  end
+
+  def test_new_tld_domain_from_tld
+    url = URI 'http://org/'
+
+    tld_cookie1 = HTTP::Cookie.new(cookie_values(:domain => 'org', :origin => url))
+    assert_equal false, tld_cookie1.for_domain?
+    assert_equal 'org', tld_cookie1.domain
+    assert_equal true, tld_cookie1.acceptable?
+
+    tld_cookie2 = HTTP::Cookie.new(cookie_values(:domain => '.org', :origin => url))
+    assert_equal false, tld_cookie1.for_domain?
+    assert_equal 'org', tld_cookie2.domain
+    assert_equal true, tld_cookie2.acceptable?
   end
 
   def test_fall_back_rules_for_local_domains
     url = URI 'http://www.example.local'
 
-    assert_raises(ArgumentError) {
-      tld_cookie = HTTP::Cookie.new(cookie_values(:domain => '.local', :origin => url))
-    }
+    tld_cookie = HTTP::Cookie.new(cookie_values(:domain => '.local', :origin => url))
+    assert_equal false, tld_cookie.acceptable?
 
     sld_cookie = HTTP::Cookie.new(cookie_values(:domain => '.example.local', :origin => url))
+    assert_equal true, sld_cookie.acceptable?
   end
 
   def test_new_rejects_cookies_with_ipv4_address_subdomain
     url = URI 'http://192.168.0.1/'
 
-    assert_raises(ArgumentError) {
-      cookie = HTTP::Cookie.new(cookie_values(:domain => '.0.1', :origin => url))
-    }
+    cookie = HTTP::Cookie.new(cookie_values(:domain => '.0.1', :origin => url))
+    assert_equal false, cookie.acceptable?
   end
 
   def test_path
@@ -669,17 +707,39 @@ class TestHTTPCookie < Test::Unit::TestCase
       end
     }
     assert 'example.com', cookie.domain
+
+    url = URI 'http://rubyforge.org/'
+
+    [nil, '', '.'].each { |d|
+      cookie = HTTP::Cookie.new('Foo', 'Bar', :path => '/')
+      cookie.domain = d
+      assert_equal nil, cookie.domain, "domain=#{d.inspect}"
+      assert_equal nil, cookie.domain_name, "domain=#{d.inspect}"
+      assert_raises(ArgumentError) {
+        cookie.acceptable?
+      }
+
+      cookie = HTTP::Cookie.new('Foo', 'Bar', :path => '/')
+      cookie.origin = url
+      cookie.domain = d
+      assert_equal url.host, cookie.domain, "domain=#{d.inspect}"
+      assert_equal true, cookie.acceptable?, "domain=#{d.inspect}"
+    }
   end
 
   def test_origin=
     url = URI.parse('http://example.com/path/')
 
     cookie = HTTP::Cookie.new('a', 'b')
+    assert_raises(ArgumentError) {
+      cookie.origin = 123
+    }
     cookie.origin = url
     assert_equal '/path/', cookie.path
     assert_equal 'example.com', cookie.domain
     assert_equal false, cookie.for_domain
     assert_raises(ArgumentError) {
+      # cannot change the origin once set
       cookie.origin = URI.parse('http://www.example.com/')
     }
 
@@ -689,13 +749,21 @@ class TestHTTPCookie < Test::Unit::TestCase
     assert_equal 'example.com', cookie.domain
     assert_equal true, cookie.for_domain
     assert_raises(ArgumentError) {
+      # cannot change the origin once set
       cookie.origin = URI.parse('http://www.example.com/')
     }
 
     cookie = HTTP::Cookie.new('a', 'b', :domain => '.example.com')
-    assert_raises(ArgumentError) {
-      cookie.origin = URI.parse('http://example.org/')
-    }
+    cookie.origin = URI.parse('http://example.org/')
+    assert_equal false, cookie.acceptable?
+
+    cookie = HTTP::Cookie.new('a', 'b', :domain => '.example.com')
+    cookie.origin = 'file:///tmp/test.html'
+    assert_equal nil, cookie.path
+
+    cookie = HTTP::Cookie.new('a', 'b', :domain => '.example.com', :path => '/')
+    cookie.origin = 'file:///tmp/test.html'
+    assert_equal false, cookie.acceptable?
   end
 
   def test_acceptable_from_uri?

data/test/test_http_cookie_jar.rb

@@ -284,9 +284,7 @@ module TestHTTPCookieJar
     def test_cookies_no_host
       url = URI 'file:///path/'
 
-      assert_raises(ArgumentError) {
-        @jar.add(HTTP::Cookie.new(cookie_values(:origin => url)))
-      }
+      @jar.add(HTTP::Cookie.new(cookie_values(:origin => url)))
 
       assert_equal(0, @jar.cookies(url).length)
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: http-cookie
 version: !ruby/object:Gem::Version
-  version: 1.0.0.pre8
+  version: 1.0.0.pre9
 platform: ruby
 authors:
 - Akinori MUSHA
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-03-29 00:00:00.000000000 Z
+date: 2013-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: domain_name