From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-2.9 required=3.0 tests=AWL,BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_BL_SPAMCOP_NET,SPF_HELO_PASS, SPF_PASS,UNPARSEABLE_RELAY shortcircuit=no autolearn=no autolearn_force=no version=3.4.2 Received: from nue.mailmanlists.eu (nue.mailmanlists.eu [IPv6:2a01:4f8:1c0c:6b10::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id 98BD21F601 for ; Wed, 7 Dec 2022 03:55:23 +0000 (UTC) Authentication-Results: dcvr.yhbt.net; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ruby-lang.org header.i=@ruby-lang.org header.b="a0dkmIHt"; dkim-atps=neutral Received: from nue.mailmanlists.eu (localhost [127.0.0.1]) by nue.mailmanlists.eu (Postfix) with ESMTP id DE4B27E5D0; Wed, 7 Dec 2022 03:55:15 +0000 (UTC) Authentication-Results: nue.mailmanlists.eu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ruby-lang.org header.i=@ruby-lang.org header.a=rsa-sha256 header.s=s1 header.b=a0dkmIHt; dkim-atps=neutral Received: from xtrwkhkc.outbound-mail.sendgrid.net (xtrwkhkc.outbound-mail.sendgrid.net [167.89.16.28]) by nue.mailmanlists.eu (Postfix) with ESMTPS id A20807E53C for ; Wed, 7 Dec 2022 03:55:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ruby-lang.org; h=from:references:subject:mime-version:content-type: content-transfer-encoding:list-id:to:cc:content-type:from:subject:to; s=s1; bh=0XW4dRqfS9Gmitj/jkwXSA4/RzNg8BcPsWSG3aI5bqY=; b=a0dkmIHtXPjFcTUOzJbJtOYAupraZgg+2n9+QfPB2B4B/h3il70sTQ3GqGeKfUaNhzfR 0+cb2GsZWPuIkB3SJVSJ0wDr3bV6zITFZeRIDSjxWkb0VGwtiebEp1y4Tbb/YJ32lNBmYp ErbnHlroWzJ98heNJXrKEOfxMyzz7JHZy0YAg/PLKIzErGuusgg1EOWd7NwpBCYBy4m0xU DuLh7vCtmpDDWj5z6vjitfG9n8NZ72IVnr7g7etUpsNvAgEM6l+qJhvuUH5zPRpVo9eoZh r9ATT/42ZnxK+4MgIZWbDAYxTShvgTJprZAYi9YOtw/aOjrv/rxDSrNoZWcHoQiQ== Received: by filterdrecv-6f5868ff54-b4nt9 with SMTP id filterdrecv-6f5868ff54-b4nt9-1-63900E9E-1 2022-12-07 03:55:10.06229209 +0000 UTC m=+1658900.731681448 Received: from herokuapp.com (unknown) by geopod-ismtpd-4-0 (SG) with ESMTP id KiGDq_3xR1qOsoakvcLBRw for ; Wed, 07 Dec 2022 03:55:10.012 +0000 (UTC) Date: Wed, 07 Dec 2022 03:55:10 +0000 (UTC) From: "mame (Yusuke Endoh)" Message-ID: References: Mime-Version: 1.0 X-Redmine-Project: ruby-master X-Redmine-Issue-Tracker: Bug X-Redmine-Issue-Id: 19188 X-Redmine-Issue-Author: apremdas@yahoo.co.uk X-Redmine-Sender: mame X-Mailer: Redmine X-Redmine-Host: bugs.ruby-lang.org X-Redmine-Site: Ruby Issue Tracking System X-Auto-Response-Suppress: All Auto-Submitted: auto-generated X-Redmine-MailingListIntegration-Message-Ids: 87581 X-SG-EID: =?us-ascii?Q?YbSlef6ZOa=2FS=2FuqSxXRzl42MttQDxKOujGe43WuBjI7JKMg2OkmRsyzG5za6L9?= =?us-ascii?Q?e1flZkYZ9OViVy5Lc4acvpZnvzeUS80ZSq3Npn4?= =?us-ascii?Q?IfnIUSzjlaIKyFrEd9jIZLbPGbaPkeqjNofi79=2F?= =?us-ascii?Q?8s=2Fy3HdMO1XUV7YrraENyeoWl0P4Qoq68d=2FjwI1?= =?us-ascii?Q?9b37kdvJakioAgfDQIl7Zy7ttTINcM0AhHT1H2F?= =?us-ascii?Q?qnQS8j7Me8FyeZ9dHkyiSakGfvaXPbOhekZM3MM?= =?us-ascii?Q?6TBvXGxXHKFOxQD9Vtw3w=3D=3D?= To: ruby-core@ml.ruby-lang.org X-Entity-ID: b/2+PoftWZ6GuOu3b0IycA== Message-ID-Hash: JLR7GWII534HV74ADXYCWH7QMHJPZTT7 X-Message-ID-Hash: JLR7GWII534HV74ADXYCWH7QMHJPZTT7 X-MailFrom: bounces+313651-b711-ruby-core=ml.ruby-lang.org@em5188.ruby-lang.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.3 Precedence: list Reply-To: Ruby developers Subject: [ruby-core:111226] [Ruby master Bug#19188] Ruby 2.7.7 CGI Cookie Processing List-Id: Ruby developers Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Issue #19188 has been updated by mame (Yusuke Endoh). You may want to use cgi gem 0.3.6 ---------------------------------------- Bug #19188: Ruby 2.7.7 CGI Cookie Processing https://bugs.ruby-lang.org/issues/19188#change-100515 * Author: apremdas@yahoo.co.uk (Andrew Premdas) * Status: Closed * Priority: Normal * ruby -v: ruby 2.7.7p221 (2022-11-24 revision 168ec2b1e5) [arm64-darwin22] * Backport: 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN ---------------------------------------- This is my first bug report here, apologies if I mess things up. Ruby 2.7.7 introduced a code change in lib/ruby/2.7.0/cgi/cookie.rb. There is now a custom setter for the domain attribute. You can see me debugging this below ``` 126: def domain=(str) 127: byebug => 128: if str and ((str = str.b).bytesize > 255 or !DOMAIN_VALUE_RE.match?(str)) 129: raise ArgumentError, "invalid domain: #{str.dump}" 130: end ``` When you are running a test on rails using capybara and rspec the value of domain will be ".example.com". This value is the same on ruby 2.7.6. The new code in 2.7.7 rejects this code as an invalid domain because `DOMAIN_VALUE_RE.match?(str)` is false. I think `DOMAIN_VALUE_RE` needs to be changed so it matches ".example.com" otherwise lots of tests on Rails applications are going to fail -- https://bugs.ruby-lang.org/ ______________________________________________ ruby-core mailing list -- ruby-core@ml.ruby-lang.org To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/