--- /dev/null
+CGI.module_eval { remove_const "Cookie" }
+
+# TODO: document how this differs from stdlib CGI::Cookie
+class CGI #:nodoc:
+ class Cookie < DelegateClass(Array)
+ attr_accessor :name, :value, :path, :domain, :expires
+ attr_reader :secure, :http_only
+
+ # Creates a new CGI::Cookie object.
+ #
+ # The contents of the cookie can be specified as a +name+ and one
+ # or more +value+ arguments. Alternatively, the contents can
+ # be specified as a single hash argument. The possible keywords of
+ # this hash are as follows:
+ #
+ # * <tt>:name</tt> - The name of the cookie. Required.
+ # * <tt>:value</tt> - The cookie's value or list of values.
+ # * <tt>:path</tt> - The path for which this cookie applies. Defaults to the
+ # base directory of the CGI script.
+ # * <tt>:domain</tt> - The domain for which this cookie applies.
+ # * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
+ # * <tt>:secure</tt> - Whether this cookie is a secure cookie or not (defaults to
+ # +false+). Secure cookies are only transmitted to HTTPS servers.
+ # * <tt>:http_only</tt> - Whether this cookie can be accessed by client side scripts (e.g. document.cookie) or only over HTTP.
+ # More details in http://msdn2.microsoft.com/en-us/library/system.web.httpcookie.httponly.aspx. Defaults to +false+.
+ #
+ # These keywords correspond to attributes of the cookie object.
+ def initialize(name = '', *value)
+ if name.kind_of?(String)
+ @name = name
+ @value = Array(value)
+ @domain = nil
+ @expires = nil
+ @secure = false
+ @http_only = false
+ @path = nil
+ else
+ @name = name['name']
+ @value = (name['value'].kind_of?(String) ? [name['value']] : Array(name['value'])).delete_if(&:blank?)
+ @domain = name['domain']
+ @expires = name['expires']
+ @secure = name['secure'] || false
+ @http_only = name['http_only'] || false
+ @path = name['path']
+ end
+
+ raise ArgumentError, "`name' required" unless @name
+
+ # simple support for IE
+ unless @path
+ %r|^(.*/)|.match(ENV['SCRIPT_NAME'])
+ @path = ($1 or '')
+ end
+
+ super(@value)
+ end
+
+ # Sets whether the Cookie is a secure cookie or not.
+ def secure=(val)
+ @secure = val == true
+ end
+
+ # Sets whether the Cookie is an HTTP only cookie or not.
+ def http_only=(val)
+ @http_only = val == true
+ end
+
+ # Converts the Cookie to its string representation.
+ def to_s
+ buf = ''
+ buf << @name << '='
+ buf << (@value.kind_of?(String) ? CGI::escape(@value) : @value.collect{|v| CGI::escape(v) }.join("&"))
+ buf << '; domain=' << @domain if @domain
+ buf << '; path=' << @path if @path
+ buf << '; expires=' << CGI::rfc1123_date(@expires) if @expires
+ buf << '; secure' if @secure
+ buf << '; HttpOnly' if @http_only
+ buf
+ end
+
+ # FIXME: work around broken 1.8.7 DelegateClass#respond_to?
+ def respond_to?(method, include_private = false)
+ return true if super(method)
+ return __getobj__.respond_to?(method, include_private)
+ end
+
+ # Parses a raw cookie string into a hash of <tt>cookie-name => cookie-object</tt>
+ # pairs.
+ #
+ # cookies = CGI::Cookie::parse("raw_cookie_string")
+ # # => { "name1" => cookie1, "name2" => cookie2, ... }
+ #
+ def self.parse(raw_cookie)
+ cookies = Hash.new([])
+
+ if raw_cookie
+ raw_cookie.split(/;\s?/).each do |pairs|
+ name, value = pairs.split('=',2)
+ next unless name and value
+ name = CGI::unescape(name)
+ unless cookies.has_key?(name)
+ cookies[name] = new(name, CGI::unescape(value))
+ end
+ end
+ end
+
+ cookies
+ end
+ end # class Cookie
+end
projects / depot.git / blobdiff