Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quotes are being stripped out of the cookie values #11

Open
uksa opened this issue Sep 7, 2015 · 4 comments
Open

Quotes are being stripped out of the cookie values #11

uksa opened this issue Sep 7, 2015 · 4 comments

Comments

@uksa
Copy link

uksa commented Sep 7, 2015

I've had an issue, when a cookie contains quotes wrapped around the value, the library is stripping out the quotes. Which is causing my authentication to fail. I've created a monkey in my fork, however when I went to create the tests and submit. It seems there is a few failing tests in this area and a bit more complex than I original thought.

scanner.rb

Before

def scan_value
    ''.tap { |s|
      case
      when scan(/[^,;"]+/)
        s << matched

After:

def scan_value
    ''.tap { |s|
      case
      when scan(/[^,;]+/)
        s << matched

I'll try and get to the bottom of the failing tests, I'm running Ruby 2.1.3

Perhaps it would be worth adding the tests into Travis. Would be more than happy to update if desired?
@lacostej lacostej mentioned this issue Apr 2, 2016
Merged
@lacostej
Copy link

lacostej commented Apr 2, 2016

I looked a bit into this and I wonder if the parser should keep track of the raw value to be able to return the values quoted when they have been parsed quoted.
Similar to what is one here: AsyncHttpClient/async-http-client#474

lacostej added a commit to lacostej/http-cookie that referenced this issue Apr 2, 2016
@lacostej
Preserve quotes when parsing server cookie sparklemotion#11
a238d18 
We keep track of the original quoted value when it is already quoted,
and we avoid consider values to be quoted if they start with a quote.
@serialbandicoot
Copy link

I've not attempted executing this fix, but the concept sounds like a good idea.

@roodion
Copy link

roodion commented Oct 18, 2017
edited

Hello @knu, @uksa, @lacostej , @serialbandicoot
Can you guys provide status for issue hilighted here? I'm experiencing same error, and basically did same fix(monkeypatched with optional param)

But im just wondering will this issue be fixed, or its not an issue at all.

Here is what i see in headers:

Set-Cookie: COOKIE1=value; Domain=.domain.com; Path=/, COOKIE2="value"; Domain=.domain.com; Path=/

But here its not quoted. (i'm using Mechanize agent)

agent.cookies.find{|x| x.name == 'COOKIE2'}.value
=>  "value"

when i expected it to be "\"value\""

Another strange issue.. if i manually change value to quoted one and trying to call .to_s ...

[13] pry(main)> print HTTP::Cookie.new(name: 'COOKIE1', value: '"value"').to_s
COOKIE1="\"value\"" => nil

Shouldn't it bee COOKIE1="value" in results?

@serialbandicoot
Copy link

It's been a really long time since I've needed to look at this issue, however I did remember that depending on the Ruby version you used, also affected how this issue was manifesting. Hence the reason for failing tests in the original comment. Sorry I can't be any more help!...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lacostej @serialbandicoot @roodion @uksa