3 CGI
.module_eval
{ remove_const
"Cookie" }
5 # TODO: document how this differs from stdlib CGI::Cookie
7 class Cookie
< DelegateClass(Array
)
8 attr_accessor
:name, :value, :path, :domain, :expires
9 attr_reader
:secure, :http_only
11 # Creates a new CGI::Cookie object.
13 # The contents of the cookie can be specified as a +name+ and one
14 # or more +value+ arguments. Alternatively, the contents can
15 # be specified as a single hash argument. The possible keywords of
16 # this hash are as follows:
18 # * <tt>:name</tt> - The name of the cookie. Required.
19 # * <tt>:value</tt> - The cookie's value or list of values.
20 # * <tt>:path</tt> - The path for which this cookie applies. Defaults to the
21 # base directory of the CGI script.
22 # * <tt>:domain</tt> - The domain for which this cookie applies.
23 # * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
24 # * <tt>:secure</tt> - Whether this cookie is a secure cookie or not (defaults to
25 # +false+). Secure cookies are only transmitted to HTTPS servers.
26 # * <tt>:http_only</tt> - Whether this cookie can be accessed by client side scripts (e.g. document.cookie) or only over HTTP.
27 # More details in http://msdn2.microsoft.com/en-us/library/system.web.httpcookie.httponly.aspx. Defaults to +false+.
29 # These keywords correspond to attributes of the cookie object.
30 def initialize(name
= '', *value
)
31 if name
.kind_of
?(String
)
41 @value = (name
['value'].kind_of
?(String
) ? [name
['value']] : Array(name
['value'])).delete_if(&:blank?)
42 @domain = name
['domain']
43 @expires = name
['expires']
44 @secure = name
['secure'] || false
45 @http_only = name
['http_only'] || false
49 raise ArgumentError
, "`name' required" unless @name
51 # simple support for IE
53 %r
|^
(.*/)|.match(ENV['SCRIPT_NAME'])
60 # Sets whether the Cookie is a secure cookie or not.
65 # Sets whether the Cookie is an HTTP only cookie or not.
67 @http_only = val
== true
70 # Converts the Cookie to its string representation.
74 buf
<< (@value.kind_of
?(String
) ? CGI
::escape(@value) : @value.collect
{|v
| CGI
::escape(v
) }.join("&"))
75 buf
<< '; domain=' << @domain if @domain
76 buf
<< '; path=' << @path if @path
77 buf
<< '; expires=' << CGI
::rfc1123_date(@expires) if @expires
78 buf
<< '; secure' if @secure
79 buf
<< '; HttpOnly' if @http_only
83 # FIXME: work around broken 1.8.7 DelegateClass#respond_to?
84 def respond_to
?(method
, include_private
= false)
85 return true if super(method
)
86 return __getobj__
.respond_to
?(method
, include_private
)
89 # Parses a raw cookie string into a hash of <tt>cookie-name => cookie-object</tt>
92 # cookies = CGI::Cookie::parse("raw_cookie_string")
93 # # => { "name1" => cookie1, "name2" => cookie2, ... }
95 def self.parse(raw_cookie
)
96 cookies
= Hash
.new([])
99 raw_cookie
.split(/;\s?/).each
do |pairs
|
100 name
, value
= pairs
.split('=',2)
101 next unless name
and value
102 name
= CGI
::unescape(name
)
103 unless cookies
.has_key
?(name
)
104 cookies
[name
] = new(name
, CGI
::unescape(value
))