mirror of
https://github.com/ninenines/cowboy.git
synced 2025-07-14 20:30:23 +00:00
Merge branch 'cookie_slash' of https://github.com/bfrog/cowboy
This commit is contained in:
Loïc Hoguin
commit
a95245d9c9
1 changed files with 21 additions and 13 deletions
|
|
@ -96,7 +96,7 @@ cookie(Key, Value, Options) when is_binary(Key)
|
||||||
undefined ->
|
undefined ->
|
||||||
<<"">>;
|
<<"">>;
|
||||||
Path ->
|
Path ->
|
||||||
<<"; Path=", (quote(Path))/binary>>
|
<<"; Path=", (quote(Path, true))/binary>>
|
||||||
end,
|
end,
|
||||||
HttpOnlyPart =
|
HttpOnlyPart =
|
||||||
case proplists:get_value(http_only, Options) of
|
case proplists:get_value(http_only, Options) of
|
||||||
|
|
@ -119,7 +119,7 @@ is_whitespace($\r) -> true;
|
||||||
is_whitespace($\n) -> true;
|
is_whitespace($\n) -> true;
|
||||||
is_whitespace(_) -> false.
|
is_whitespace(_) -> false.
|
||||||
|
|
||||||
%% @doc Check if a character is a seperator.
|
%% @doc Check if a character is a separator.
|
||||||
-spec is_separator(char()) -> boolean().
|
-spec is_separator(char()) -> boolean().
|
||||||
is_separator(C) when C < 32 -> true;
|
is_separator(C) when C < 32 -> true;
|
||||||
is_separator($\s) -> true;
|
is_separator($\s) -> true;
|
||||||
|
|
@ -143,34 +143,39 @@ is_separator(${) -> true;
|
||||||
is_separator($}) -> true;
|
is_separator($}) -> true;
|
||||||
is_separator(_) -> false.
|
is_separator(_) -> false.
|
||||||
|
|
||||||
%% @doc Check if a binary has an ASCII seperator character.
|
%% @doc Check if a binary has an ASCII separator character.
|
||||||
-spec has_seperator(binary()) -> boolean().
|
-spec has_separator(binary(), boolean()) -> boolean().
|
||||||
has_seperator(<<>>) ->
|
has_separator(<<>>, _) ->
|
||||||
false;
|
false;
|
||||||
has_seperator(<<$/, Rest/binary>>) ->
|
has_separator(<<$/, Rest/binary>>, true) ->
|
||||||
has_seperator(Rest);
|
has_separator(Rest, true);
|
||||||
has_seperator(<<C, Rest/binary>>) ->
|
has_separator(<<C, Rest/binary>>, IgnoreSlash) ->
|
||||||
case is_separator(C) of
|
case is_separator(C) of
|
||||||
true ->
|
true ->
|
||||||
true;
|
true;
|
||||||
false ->
|
false ->
|
||||||
has_seperator(Rest)
|
has_separator(Rest, IgnoreSlash)
|
||||||
end.
|
end.
|
||||||
|
|
||||||
%% @doc Convert to a binary and raise an error if quoting is required. Quoting
|
%% @doc Convert to a binary and raise an error if quoting is required. Quoting
|
||||||
%% is broken in different ways for different browsers. Its better to simply
|
%% is broken in different ways for different browsers. Its better to simply
|
||||||
%% avoiding doing it at all.
|
%% avoiding doing it at all.
|
||||||
%% @end
|
%% @end
|
||||||
-spec quote(term()) -> binary().
|
-spec quote(term(), boolean()) -> binary().
|
||||||
quote(V0) ->
|
quote(V0, IgnoreSlash) ->
|
||||||
V = any_to_binary(V0),
|
V = any_to_binary(V0),
|
||||||
case has_seperator(V) of
|
case has_separator(V, IgnoreSlash) of
|
||||||
true ->
|
true ->
|
||||||
erlang:error({cookie_quoting_required, V});
|
erlang:error({cookie_quoting_required, V});
|
||||||
false ->
|
false ->
|
||||||
V
|
V
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
%% @equiv quote(Bin, false)
|
||||||
|
-spec quote(term()) -> binary().
|
||||||
|
quote(V0) ->
|
||||||
|
quote(V0, false).
|
||||||
|
|
||||||
-spec add_seconds(integer(), calendar:datetime()) -> calendar:datetime().
|
-spec add_seconds(integer(), calendar:datetime()) -> calendar:datetime().
|
||||||
add_seconds(Secs, LocalTime) ->
|
add_seconds(Secs, LocalTime) ->
|
||||||
Greg = calendar:datetime_to_gregorian_seconds(LocalTime),
|
Greg = calendar:datetime_to_gregorian_seconds(LocalTime),
|
||||||
|
|
@ -265,7 +270,7 @@ binary_splitwith(F, Head, Tail) ->
|
||||||
binary_splitwith(F, String) ->
|
binary_splitwith(F, String) ->
|
||||||
binary_splitwith(F, <<>>, String).
|
binary_splitwith(F, <<>>, String).
|
||||||
|
|
||||||
%% @doc Split the binary when the next seperator is found.
|
%% @doc Split the binary when the next separator is found.
|
||||||
-spec read_token(binary()) -> {binary(), binary()}.
|
-spec read_token(binary()) -> {binary(), binary()}.
|
||||||
read_token(String) ->
|
read_token(String) ->
|
||||||
binary_splitwith(fun is_separator/1, String).
|
binary_splitwith(fun is_separator/1, String).
|
||||||
|
|
@ -301,6 +306,9 @@ quote_test() ->
|
||||||
catch error:{cookie_quoting_required, <<":wq">>} -> ok
|
catch error:{cookie_quoting_required, <<":wq">>} -> ok
|
||||||
end,
|
end,
|
||||||
?assertEqual(<<"foo">>,quote(foo)),
|
?assertEqual(<<"foo">>,quote(foo)),
|
||||||
|
_ = try quote(<<"/test/slashes/">>)
|
||||||
|
catch error:{cookie_quoting_required, <<"/test/slashes/">>} -> ok
|
||||||
|
end,
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
parse_cookie_test() ->
|
parse_cookie_test() ->
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue