diff options
| author | nanaya <me@myconan.net> | 2017-02-19 21:50:53 +0900 |
|---|---|---|
| committer | nanaya <me@myconan.net> | 2017-02-19 21:50:53 +0900 |
| commit | 37aa0887c08e548725633bd25bc786913e75d924 (patch) | |
| tree | c1a1f8bd17bcf7c535ae3b56d089291198c88fd2 | |
| parent | 0d74df67db33cc2a9858ea1568bf47ad8583d84c (diff) | |
| download | rack-37aa0887c08e548725633bd25bc786913e75d924.tar.gz | |
Use .httpdate for expires date formatting
Specified in RFC 7231, section 7.1.1.2: Date.
| -rw-r--r-- | lib/rack/utils.rb | 26 | ||||
| -rw-r--r-- | test/spec_response.rb | 10 |
2 files changed, 6 insertions, 30 deletions
diff --git a/lib/rack/utils.rb b/lib/rack/utils.rb index c253f3cf..eb49466d 100644 --- a/lib/rack/utils.rb +++ b/lib/rack/utils.rb @@ -221,31 +221,7 @@ module Rack domain = "; domain=#{value[:domain]}" if value[:domain] path = "; path=#{value[:path]}" if value[:path] max_age = "; max-age=#{value[:max_age]}" if value[:max_age] - # There is an RFC mess in the area of date formatting for Cookies. Not - # only are there contradicting RFCs and examples within RFC text, but - # there are also numerous conflicting names of fields and partially - # cross-applicable specifications. - # - # These are best described in RFC 2616 3.3.1. This RFC text also - # specifies that RFC 822 as updated by RFC 1123 is preferred. That is a - # fixed length format with space-date delimited fields. - # - # See also RFC 1123 section 5.2.14. - # - # RFC 6265 also specifies "sane-cookie-date" as RFC 1123 date, defined - # in RFC 2616 3.3.1. RFC 6265 also gives examples that clearly denote - # the space delimited format. These formats are compliant with RFC 2822. - # - # For reference, all involved RFCs are: - # RFC 822 - # RFC 1123 - # RFC 2109 - # RFC 2616 - # RFC 2822 - # RFC 2965 - # RFC 6265 - expires = "; expires=" + - rfc2822(value[:expires].clone.gmtime) if value[:expires] + expires = "; expires=#{value[:expires].httpdate}" if value[:expires] secure = "; secure" if value[:secure] httponly = "; HttpOnly" if (value.key?(:httponly) ? value[:httponly] : value[:http_only]) same_site = diff --git a/test/spec_response.rb b/test/spec_response.rb index 987199de..4fd7d2b3 100644 --- a/test/spec_response.rb +++ b/test/spec_response.rb @@ -186,7 +186,7 @@ describe Rack::Response do response.delete_cookie "foo" response["Set-Cookie"].must_equal [ "foo2=bar2", - "foo=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" + "foo=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT" ].join("\n") end @@ -196,10 +196,10 @@ describe Rack::Response do response.set_cookie "foo", {:value => "bar", :domain => ".example.com"} response["Set-Cookie"].must_equal ["foo=bar; domain=sample.example.com", "foo=bar; domain=.example.com"].join("\n") response.delete_cookie "foo", :domain => ".example.com" - response["Set-Cookie"].must_equal ["foo=bar; domain=sample.example.com", "foo=; domain=.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"].join("\n") + response["Set-Cookie"].must_equal ["foo=bar; domain=sample.example.com", "foo=; domain=.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT"].join("\n") response.delete_cookie "foo", :domain => "sample.example.com" - response["Set-Cookie"].must_equal ["foo=; domain=.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000", - "foo=; domain=sample.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"].join("\n") + response["Set-Cookie"].must_equal ["foo=; domain=.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT", + "foo=; domain=sample.example.com; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT"].join("\n") end it "can delete cookies with the same name with different paths" do @@ -211,7 +211,7 @@ describe Rack::Response do response.delete_cookie "foo", :path => "/path" response["Set-Cookie"].must_equal ["foo=bar; path=/", - "foo=; path=/path; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"].join("\n") + "foo=; path=/path; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT"].join("\n") end it "can do redirects" do |