From: Zach Brock <zbrock@gmail.com>
To: rack-devel@googlegroups.com
Subject: Re: Deleting cookies with the same name from multiple domains
Date: Fri, 15 Jan 2010 12:48:15 -0800 [thread overview]
Message-ID: <d3965c3e1001151248r2027b2c4m7f4751e901e8ccb8@mail.gmail.com> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 1033 bytes --]
Hmm, I don't think so. The only change I made was to the filtering logic in
Utils.delete_cookie_header!
I'd imagine that adding same-named cookies with different domains doesn't
work if you're using Rails though. It puts the cookies in a hash where the
key is the cookie name, so multiple domains can't really be represented.
Attached is a spec to show that it works as is.
-Zach
On Jan 15, 6:52 am, Ryan Tomayko <r...@tomayko.com> wrote:
> On Thu, Jan 7, 2010 at 10:01 PM, Zach Brock <zbr...@gmail.com> wrote:
> > This is a fix to an issue I ran into when dealing with a single sign on
> > system. Cookies should be unique per request by name and domain, but
Rack
> > currently only treats them as unique by name. This commit basically
makes it
> > possible to delete cookie "foo" on both www.example.com and .example.com
.
> > -Zach Brock
>
> I've had reports of a bug that disallows same-named cookies to be set
> for different domains. It looks like your patch addresses this as
> well. Can you confirm?
>
> Thanks,
> Ryan
[-- Attachment #1.2: Type: text/html, Size: 1528 bytes --]
[-- Attachment #2: 0001-Adding-a-spec-for-adding-multiple-cookies-with-the-s.patch --]
[-- Type: application/octet-stream, Size: 1160 bytes --]
From 5edf55cc05020c49db74c743f08fbcd37d9606cf Mon Sep 17 00:00:00 2001
From: Zach Brock <zbrock@gmail.com>
Date: Fri, 15 Jan 2010 12:43:34 -0800
Subject: [PATCH] Adding a spec for adding multiple cookies with the same name on different domains
---
test/spec_rack_response.rb | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/test/spec_rack_response.rb b/test/spec_rack_response.rb
index fb14508..942a564 100644
--- a/test/spec_rack_response.rb
+++ b/test/spec_rack_response.rb
@@ -55,6 +55,13 @@ context "Rack::Response" do
response["Set-Cookie"].should.equal ["foo=bar", "foo2=bar2", "foo3=bar3"]
end
+ specify "can set cookies with the same name for multiple domains" do
+ response = Rack::Response.new
+ response.set_cookie "foo", {:value => "bar", :domain => "sample.example.com"}
+ response.set_cookie "foo", {:value => "bar", :domain => ".example.com"}
+ response["Set-Cookie"].should.equal ["foo=bar; domain=sample.example.com", "foo=bar; domain=.example.com"]
+ end
+
specify "formats the Cookie expiration date accordingly to RFC 2109" do
response = Rack::Response.new
--
1.6.0.2
next reply other threads:[~2010-01-15 21:03 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-15 20:48 Zach Brock [this message]
2010-04-29 22:13 ` Deleting cookies with the same name from multiple domains Ryan Tomayko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://groups.google.com/group/rack-devel
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d3965c3e1001151248r2027b2c4m7f4751e901e8ccb8@mail.gmail.com \
--to=rack-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).