2017-02-18 08:52:16 +03:00
|
|
|
# frozen_string_literal: true
|
2013-04-19 03:38:24 +04:00
|
|
|
require 'cgi/util'
|
2008-09-09 17:09:56 +04:00
|
|
|
class CGI
|
2011-05-17 01:21:35 +04:00
|
|
|
# Class representing an HTTP cookie.
|
|
|
|
#
|
|
|
|
# In addition to its specific fields and methods, a Cookie instance
|
|
|
|
# is a delegator to the array of its values.
|
|
|
|
#
|
|
|
|
# See RFC 2965.
|
|
|
|
#
|
|
|
|
# == Examples of use
|
2013-04-19 03:47:07 +04:00
|
|
|
# cookie1 = CGI::Cookie.new("name", "value1", "value2", ...)
|
|
|
|
# cookie1 = CGI::Cookie.new("name" => "name", "value" => "value")
|
2015-05-15 02:27:01 +03:00
|
|
|
# cookie1 = CGI::Cookie.new('name' => 'name',
|
|
|
|
# 'value' => ['value1', 'value2', ...],
|
|
|
|
# 'path' => 'path', # optional
|
|
|
|
# 'domain' => 'domain', # optional
|
|
|
|
# 'expires' => Time.now, # optional
|
|
|
|
# 'secure' => true, # optional
|
|
|
|
# 'httponly' => true # optional
|
2011-05-17 01:21:35 +04:00
|
|
|
# )
|
|
|
|
#
|
|
|
|
# cgi.out("cookie" => [cookie1, cookie2]) { "string" }
|
|
|
|
#
|
2015-05-15 02:27:01 +03:00
|
|
|
# name = cookie1.name
|
|
|
|
# values = cookie1.value
|
|
|
|
# path = cookie1.path
|
|
|
|
# domain = cookie1.domain
|
|
|
|
# expires = cookie1.expires
|
|
|
|
# secure = cookie1.secure
|
|
|
|
# httponly = cookie1.httponly
|
2011-05-17 01:21:35 +04:00
|
|
|
#
|
2015-05-15 02:27:01 +03:00
|
|
|
# cookie1.name = 'name'
|
|
|
|
# cookie1.value = ['value1', 'value2', ...]
|
|
|
|
# cookie1.path = 'path'
|
|
|
|
# cookie1.domain = 'domain'
|
|
|
|
# cookie1.expires = Time.now + 30
|
|
|
|
# cookie1.secure = true
|
|
|
|
# cookie1.httponly = true
|
2008-09-09 17:09:56 +04:00
|
|
|
class Cookie < Array
|
2013-04-19 03:47:07 +04:00
|
|
|
@@accept_charset="UTF-8" unless defined?(@@accept_charset)
|
2008-09-09 17:09:56 +04:00
|
|
|
|
|
|
|
# Create a new CGI::Cookie object.
|
|
|
|
#
|
2011-05-17 01:21:35 +04:00
|
|
|
# :call-seq:
|
|
|
|
# Cookie.new(name_string,*value)
|
|
|
|
# Cookie.new(options_hash)
|
2008-09-09 17:09:56 +04:00
|
|
|
#
|
2011-05-17 01:21:35 +04:00
|
|
|
# +name_string+::
|
|
|
|
# The name of the cookie; in this form, there is no #domain or
|
|
|
|
# #expiration. The #path is gleaned from the +SCRIPT_NAME+ environment
|
|
|
|
# variable, and #secure is false.
|
|
|
|
# <tt>*value</tt>::
|
|
|
|
# value or list of values of the cookie
|
|
|
|
# +options_hash+::
|
|
|
|
# A Hash of options to initialize this Cookie. Possible options are:
|
2008-09-09 17:09:56 +04:00
|
|
|
#
|
2011-05-17 01:21:35 +04:00
|
|
|
# name:: the name of the cookie. Required.
|
|
|
|
# value:: the cookie's value or list of values.
|
|
|
|
# path:: the path for which this cookie applies. Defaults to the
|
|
|
|
# the value of the +SCRIPT_NAME+ environment variable.
|
|
|
|
# domain:: the domain for which this cookie applies.
|
|
|
|
# expires:: the time at which this cookie expires, as a +Time+ object.
|
|
|
|
# secure:: whether this cookie is a secure cookie or not (default to
|
|
|
|
# false). Secure cookies are only transmitted to HTTPS
|
|
|
|
# servers.
|
2015-05-15 02:27:01 +03:00
|
|
|
# httponly:: whether this cookie is a HttpOnly cookie or not (default to
|
|
|
|
# false). HttpOnly cookies are not available to javascript.
|
2011-05-17 01:21:35 +04:00
|
|
|
#
|
|
|
|
# These keywords correspond to attributes of the cookie object.
|
2008-09-09 17:09:56 +04:00
|
|
|
def initialize(name = "", *value)
|
2010-04-06 07:01:52 +04:00
|
|
|
@domain = nil
|
|
|
|
@expires = nil
|
2008-09-09 17:09:56 +04:00
|
|
|
if name.kind_of?(String)
|
|
|
|
@name = name
|
|
|
|
%r|^(.*/)|.match(ENV["SCRIPT_NAME"])
|
|
|
|
@path = ($1 or "")
|
|
|
|
@secure = false
|
2015-05-15 02:27:01 +03:00
|
|
|
@httponly = false
|
2009-09-14 02:36:45 +04:00
|
|
|
return super(value)
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
|
|
|
|
|
|
|
options = name
|
|
|
|
unless options.has_key?("name")
|
|
|
|
raise ArgumentError, "`name' required"
|
|
|
|
end
|
|
|
|
|
|
|
|
@name = options["name"]
|
2009-09-14 02:36:45 +04:00
|
|
|
value = Array(options["value"])
|
2008-09-09 17:09:56 +04:00
|
|
|
# simple support for IE
|
|
|
|
if options["path"]
|
|
|
|
@path = options["path"]
|
|
|
|
else
|
|
|
|
%r|^(.*/)|.match(ENV["SCRIPT_NAME"])
|
|
|
|
@path = ($1 or "")
|
|
|
|
end
|
|
|
|
@domain = options["domain"]
|
|
|
|
@expires = options["expires"]
|
2015-05-15 02:27:01 +03:00
|
|
|
@secure = options["secure"] == true
|
|
|
|
@httponly = options["httponly"] == true
|
2008-09-09 17:09:56 +04:00
|
|
|
|
2009-09-14 02:36:45 +04:00
|
|
|
super(value)
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
|
|
|
|
2011-05-17 01:21:35 +04:00
|
|
|
# Name of this cookie, as a +String+
|
|
|
|
attr_accessor :name
|
|
|
|
# Path for which this cookie applies, as a +String+
|
|
|
|
attr_accessor :path
|
|
|
|
# Domain for which this cookie applies, as a +String+
|
|
|
|
attr_accessor :domain
|
|
|
|
# Time at which this cookie expires, as a +Time+
|
|
|
|
attr_accessor :expires
|
|
|
|
# True if this cookie is secure; false otherwise
|
2015-05-15 02:27:01 +03:00
|
|
|
attr_reader :secure
|
|
|
|
# True if this cookie is httponly; false otherwise
|
|
|
|
attr_reader :httponly
|
2008-09-09 17:09:56 +04:00
|
|
|
|
2011-05-19 01:07:13 +04:00
|
|
|
# Returns the value or list of values for this cookie.
|
2009-09-14 02:36:45 +04:00
|
|
|
def value
|
|
|
|
self
|
|
|
|
end
|
|
|
|
|
2011-05-19 01:07:13 +04:00
|
|
|
# Replaces the value of this cookie with a new value or list of values.
|
2009-09-14 02:36:45 +04:00
|
|
|
def value=(val)
|
|
|
|
replace(Array(val))
|
|
|
|
end
|
|
|
|
|
2008-09-09 17:09:56 +04:00
|
|
|
# Set whether the Cookie is a secure cookie or not.
|
|
|
|
#
|
|
|
|
# +val+ must be a boolean.
|
|
|
|
def secure=(val)
|
2015-05-15 11:59:33 +03:00
|
|
|
@secure = val if val == true or val == false
|
|
|
|
@secure
|
2015-05-15 02:27:01 +03:00
|
|
|
end
|
|
|
|
|
|
|
|
# Set whether the Cookie is a httponly cookie or not.
|
|
|
|
#
|
|
|
|
# +val+ must be a boolean.
|
|
|
|
def httponly=(val)
|
|
|
|
@httponly = !!val
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
|
|
|
|
|
|
|
# Convert the Cookie to its string representation.
|
|
|
|
def to_s
|
2013-04-19 03:47:07 +04:00
|
|
|
val = collect{|v| CGI.escape(v) }.join("&")
|
2017-02-18 08:52:16 +03:00
|
|
|
buf = "#{@name}=#{val}".dup
|
2008-09-10 05:36:31 +04:00
|
|
|
buf << "; domain=#{@domain}" if @domain
|
|
|
|
buf << "; path=#{@path}" if @path
|
|
|
|
buf << "; expires=#{CGI::rfc1123_date(@expires)}" if @expires
|
2015-05-15 02:27:01 +03:00
|
|
|
buf << "; secure" if @secure
|
|
|
|
buf << "; HttpOnly" if @httponly
|
2008-09-09 17:09:56 +04:00
|
|
|
buf
|
|
|
|
end
|
|
|
|
|
2013-04-19 03:47:07 +04:00
|
|
|
# Parse a raw cookie string into a hash of cookie-name=>Cookie
|
|
|
|
# pairs.
|
|
|
|
#
|
|
|
|
# cookies = CGI::Cookie.parse("raw_cookie_string")
|
|
|
|
# # { "name1" => cookie1, "name2" => cookie2, ... }
|
|
|
|
#
|
|
|
|
def self.parse(raw_cookie)
|
|
|
|
cookies = Hash.new([])
|
|
|
|
return cookies unless raw_cookie
|
2008-09-09 17:09:56 +04:00
|
|
|
|
2016-09-27 06:17:47 +03:00
|
|
|
raw_cookie.split(/;\s?/).each do |pairs|
|
2013-04-19 03:47:07 +04:00
|
|
|
name, values = pairs.split('=',2)
|
|
|
|
next unless name and values
|
|
|
|
name = CGI.unescape(name)
|
|
|
|
values ||= ""
|
|
|
|
values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
|
|
|
|
if cookies.has_key?(name)
|
|
|
|
values = cookies[name].value + values
|
|
|
|
end
|
|
|
|
cookies[name] = Cookie.new(name, *values)
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
2013-04-19 03:47:07 +04:00
|
|
|
|
|
|
|
cookies
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
|
|
|
|
2013-06-03 06:38:32 +04:00
|
|
|
# A summary of cookie string.
|
|
|
|
def inspect
|
|
|
|
"#<CGI::Cookie: #{self.to_s.inspect}>"
|
|
|
|
end
|
|
|
|
|
2013-04-19 03:47:07 +04:00
|
|
|
end # class Cookie
|
2008-09-09 17:09:56 +04:00
|
|
|
end
|
|
|
|
|
|
|
|
|