diff --git a/library/network/protocol/http/src/http_cookie.e b/library/network/protocol/http/src/http_cookie.e index 941a47c5..a896e3b2 100644 --- a/library/network/protocol/http/src/http_cookie.e +++ b/library/network/protocol/http/src/http_cookie.e @@ -95,7 +95,7 @@ feature -- Access until l_found loop - if not is_valid_character (ic.item.to_character_8) then + if not is_valid_character (ic.item.natural_32_code) then Result := False l_found := True end @@ -304,7 +304,7 @@ feature {NONE} -- Constants end - is_valid_character (c: CHARACTER): BOOLEAN + is_valid_character (c: NATURAL_32): BOOLEAN -- RFC6265 that specifies that the following is valid for characters in cookies. -- The following character ranges are valid:http://tools.ietf.org/html/rfc6265#section-4.1.1 -- %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E @@ -317,7 +317,7 @@ feature {NONE} -- Constants EIS: "name=valid-characters", "src=http://tools.ietf.org/html/rfc6265#section-4.1.1", "protocol=uri" do Result := True - inspect c.natural_32_code + inspect c when 0x21 then when 0x23 .. 0x2B then when 0x2D .. 0x3A then diff --git a/library/server/wsf/src/wsf_response.e b/library/server/wsf/src/wsf_response.e index 3dac3fc3..0a906c20 100644 --- a/library/server/wsf/src/wsf_response.e +++ b/library/server/wsf/src/wsf_response.e @@ -331,12 +331,8 @@ feature -- Header add cookie internal_header.headers as ic until l_same_cookie_name loop - if ic.item.starts_with ("Set-Cookie") then - l_nv := ic.item.split (';').at (1).split (':').at (2) - l_nv.adjust - if l_nv.starts_with (a_cookie.name) then - l_same_cookie_name := True - end + if is_cookie_line (ic.item) then + l_same_cookie_name := has_cookie_name (ic.item, a_cookie.name) end end if not l_same_cookie_name then @@ -547,6 +543,46 @@ feature -- Error reporting wgi_response.put_error (a_message) end +feature {NONE} -- Implemenation + + has_cookie_name (a_cookie_line, a_cookie_name: READABLE_STRING_32 ): BOOLEAN + -- Has the cookie line `a_cookie_line', the cookie name `a_cookie_name'? + local + i,j: INTEGER + do + Result := False + i := a_cookie_line.index_of ('=', 1) + j := a_cookie_line.index_of (':', 1) + + if i > j and j > 0 then + i := i - 1 + j := j + 1 + from until not a_cookie_line[j].is_space loop + j := j + 1 + end + if a_cookie_line.substring (j, i).same_string (a_cookie_name) then + Result := True + end + end + end + + + is_cookie_line (a_line: READABLE_STRING_32): BOOLEAN + -- Is the line `a_line' a cookie line? + --| Set-Cookie: user_id=%"u12;345%"; Domain=www.example.com; Path=/; Expires=Sat, 18 Apr 2015 21:22:05 GMT; Max-Age=-1; Secure; HttpOnly + local + j: INTEGER + do + Result := False + j := a_line.index_of (':', 1) + if j > 0 then + j := j - 1 + if a_line.substring (1, j).same_string ("Set-Cookie") then + Result := True + end + end + end + note copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Olivier Ligot, Colin Adams, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" diff --git a/library/server/wsf/tests/src/wgi_response_null.e b/library/server/wsf/tests/src/wgi_response_null.e index 035413c1..95b47c83 100644 --- a/library/server/wsf/tests/src/wgi_response_null.e +++ b/library/server/wsf/tests/src/wgi_response_null.e @@ -124,7 +124,7 @@ feature -- Error reporting end end -feature {EQA_TEST_SET} -- Implementation: Access +feature -- Implementation: Access output: STRING -- Server output channel