From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-3.0 required=3.0 tests=AWL,BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_DNSWL_HI, SPF_HELO_PASS,SPF_PASS,UNPARSEABLE_RELAY shortcircuit=no autolearn=no autolearn_force=no version=3.4.2 Received: from nue.mailmanlists.eu (nue.mailmanlists.eu [IPv6:2a01:4f8:1c0c:6b10::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id 712A71F601 for ; Tue, 6 Dec 2022 18:26:57 +0000 (UTC) Authentication-Results: dcvr.yhbt.net; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ruby-lang.org header.i=@ruby-lang.org header.b="O7a36ilp"; dkim-atps=neutral Received: from nue.mailmanlists.eu (localhost [127.0.0.1]) by nue.mailmanlists.eu (Postfix) with ESMTP id 9756E7E588; Tue, 6 Dec 2022 18:26:49 +0000 (UTC) Authentication-Results: nue.mailmanlists.eu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ruby-lang.org header.i=@ruby-lang.org header.a=rsa-sha256 header.s=s1 header.b=O7a36ilp; dkim-atps=neutral Received: from xtrwkhkc.outbound-mail.sendgrid.net (xtrwkhkc.outbound-mail.sendgrid.net [167.89.16.28]) by nue.mailmanlists.eu (Postfix) with ESMTPS id CDAA17E564 for ; Tue, 6 Dec 2022 18:26:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ruby-lang.org; h=from:references:subject:mime-version:content-type: content-transfer-encoding:list-id:to:cc:content-type:from:subject:to; s=s1; bh=oM4NZhzs4YJ7dn/N6uDC4WzmHmzJ+GzaogoUxuf64T4=; b=O7a36ilpoLvsOgnVM+7Bk2wYs3EZaDPzMIvC1iC9JQhEtlxxW/GoLGkX6icY1tpW71Qy 7f13y8rEA9WpxdPjtwyz6UjQOcTdup4WOjKUjXrVUG5MadGVyulmAzAoXmf5B68a4mNeu8 dcH5D4n6TYCYw7dEQErYLXD2Y152+dlPf0ssZzGFsn4qj33HQzn3fCoxe1XMZH3nzBm0kf MkHUSoIZxDH/rR1xnIuB+lcpAOPa8OjLyeOmOaHGx8DoQzmAs380HN6ej30CNpGp+tXWCe x6F7Yc3MXosMKgv+qM7O0EcfwDm9m1kzjJOzrAQLSH4ByvJUMNjBSBONNd7zu84A== Received: by filterdrecv-6c4ccfbdd8-mgmbx with SMTP id filterdrecv-6c4ccfbdd8-mgmbx-1-638F8962-4C 2022-12-06 18:26:43.078543568 +0000 UTC m=+1624871.349397580 Received: from herokuapp.com (unknown) by geopod-ismtpd-1-3 (SG) with ESMTP id UM738Pl_TDmTQiwKWNAeKw for ; Tue, 06 Dec 2022 18:26:42.926 +0000 (UTC) Date: Tue, 06 Dec 2022 18:26:43 +0000 (UTC) From: "apremdas@yahoo.co.uk (Andrew Premdas)" Message-ID: References: Mime-Version: 1.0 X-Redmine-Project: ruby-master X-Redmine-Issue-Tracker: Bug X-Redmine-Issue-Id: 19188 X-Redmine-Issue-Author: apremdas@yahoo.co.uk X-Redmine-Sender: apremdas@yahoo.co.uk X-Mailer: Redmine X-Redmine-Host: bugs.ruby-lang.org X-Redmine-Site: Ruby Issue Tracking System X-Auto-Response-Suppress: All Auto-Submitted: auto-generated X-Redmine-MailingListIntegration-Message-Ids: 87576 X-SG-EID: =?us-ascii?Q?oLsDsI5v6HPXVBhmrSJPT2KkQvUqfFTsI2oyrDVYYmmVS4NYMTvUFcVuSE9bIx?= =?us-ascii?Q?Ewg+ppwblp+oz9rct2NBmQA5chtTl84nw6e9Xsp?= =?us-ascii?Q?TAQl2jUpfI3fP0+=2F0=2Ft9Py5zMQ+XxwJWBo3aiHf?= =?us-ascii?Q?M8SDyesnMsSIo9t8XQOlMXECY2QZHR=2Fcct2PC=2FL?= =?us-ascii?Q?3GgoHvaL6hWqTXW5ddF+71VIXlbSlVbxtxyCeZe?= =?us-ascii?Q?fwimSUU53DfX5U=2FsS+x4nOZ8r9JxaRaZyWDNJwb?= =?us-ascii?Q?1AEp8EuB3B10t1CsjBtCKJhQ7hAgo4E6aTuSsZ4?= =?us-ascii?Q?U70=3D?= To: ruby-core@ml.ruby-lang.org X-Entity-ID: b/2+PoftWZ6GuOu3b0IycA== Message-ID-Hash: V45JLTMOYBJE7LEZHPSWOAK5VMRZIFS6 X-Message-ID-Hash: V45JLTMOYBJE7LEZHPSWOAK5VMRZIFS6 X-MailFrom: bounces+313651-b711-ruby-core=ml.ruby-lang.org@em5188.ruby-lang.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.3 Precedence: list Reply-To: Ruby developers Subject: [ruby-core:111221] [Ruby master Bug#19188] Ruby 2.7.7 CGI Cookie Processing List-Id: Ruby developers Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Issue #19188 has been reported by apremdas@yahoo.co.uk (Andrew Premdas). ---------------------------------------- Bug #19188: Ruby 2.7.7 CGI Cookie Processing https://bugs.ruby-lang.org/issues/19188 * Author: apremdas@yahoo.co.uk (Andrew Premdas) * Status: Open * Priority: Normal * ruby -v: ruby 2.7.7p221 (2022-11-24 revision 168ec2b1e5) [arm64-darwin22] * Backport: 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN ---------------------------------------- This is my first bug report here, apologies if I mess things up. Ruby 2.7.7 introduced a code change in lib/ruby/2.7.0/cgi/cookie.rb. There is now a custom setter for the domain attribute. You can see me debugging this below ``` 126: def domain=(str) 127: byebug => 128: if str and ((str = str.b).bytesize > 255 or !DOMAIN_VALUE_RE.match?(str)) 129: raise ArgumentError, "invalid domain: #{str.dump}" 130: end ``` When you are running a test on rails using capybara and rspec the value of domain will be ".example.com". This value is the same on ruby 2.7.6. The new code in 2.7.7 rejects this code as an invalid domain because `DOMAIN_VALUE_RE.match?(str)` is false. I think `DOMAIN_VALUE_RE` needs to be changed so it matches ".example.com" otherwise lots of tests on Rails applications are going to fail -- https://bugs.ruby-lang.org/ ______________________________________________ ruby-core mailing list -- ruby-core@ml.ruby-lang.org To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/