antville/helma
antville/helma
1
1
Fork 0
Code Issues 5 Pull requests 7 Projects Releases 5 Activity Actions

Fix cookie parsing to handle HttpOnly and other cookie extensions correctly.

Browse source
This commit is contained in:
hns 2008-11-17 11:37:57 +00:00
parent b9a776c979
commit 15ae889600
1 changed files with 8 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
helma/Http.js
View file

@ -765,10 +765,14 @@ helma.Http.Cookie.PATTERN = /([^=;]+)=?([^;]*)(?:;\s*|$)/g;
helma.Http.Cookie.parse = function(cookieStr) { helma.Http.Cookie.parse = function(cookieStr) {
if (cookieStr != null) { if (cookieStr != null) {
var cookie = new helma.Http.Cookie; var cookie = new helma.Http.Cookie;
var m, key, value; var m = helma.Http.Cookie.PATTERN.exec(cookieStr);
if (m) {
cookie.name = m[1].trim();
cookie.value = m[2] ? m[2].trim() : "";
}
while ((m = helma.Http.Cookie.PATTERN.exec(cookieStr)) != null) { while ((m = helma.Http.Cookie.PATTERN.exec(cookieStr)) != null) {
key = m[1].trim(); var key = m[1].trim();
value = m[2] ? m[2].trim() : ""; var value = m[2] ? m[2].trim() : "";
switch (key.toLowerCase()) { switch (key.toLowerCase()) {
case "expires": case "expires":
// try to parse the expires date string into a date object // try to parse the expires date string into a date object
@ -778,15 +782,8 @@ helma.Http.Cookie.parse = function(cookieStr) {
// ignore // ignore
} }
break; break;
case "domain":
case "path":
cookie[key.toLowerCase()] = value;
break;
case "secure":
break;
default: default:
cookie.name = key; cookie[key.toLowerCase()] = value;
cookie.value = value;
break; break;
} }
} }