* lib/cgi/cookie.rb: Implement HttpOnly flag for cookies.

  [fix GH-887] Patch by @martinpovolny

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50496 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 4 insertions, 1 deletions

diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
index 8f0fb70827..eee6215fac 100644
--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
@@ -31,6 +31,7 @@ class CGICookieTest < Test::Unit::TestCase
     assert_nil(cookie.expires)
     assert_equal('', cookie.path)
     assert_equal(false, cookie.secure)
+    assert_equal(false, cookie.httponly)
     assert_equal("name1=val1&%26%3C%3E%22&%E3%82%86%E3%82%93%E3%82%86%E3%82%93; path=", cookie.to_s)
   end
 
@@ -45,6 +46,7 @@ class CGICookieTest < Test::Unit::TestCase
                              'domain'=>'www.example.com',
                              'expires'=>t,
                              'secure'=>true,
+                             'httponly'=>true
                              )
     assert_equal('name1', cookie.name)
     assert_equal(value, cookie.value)
@@ -52,7 +54,8 @@ class CGICookieTest < Test::Unit::TestCase
     assert_equal(t, cookie.expires)
     assert_equal('/cgi-bin/myapp/', cookie.path)
     assert_equal(true, cookie.secure)
-    assert_equal('name1=val1&%26%3C%3E%22&%A5%E0%A5%B9%A5%AB; domain=www.example.com; path=/cgi-bin/myapp/; expires=Tue, 31 Dec 2030 23:59:59 GMT; secure', cookie.to_s)
+    assert_equal(true, cookie.httponly)
+    assert_equal('name1=val1&%26%3C%3E%22&%A5%E0%A5%B9%A5%AB; domain=www.example.com; path=/cgi-bin/myapp/; expires=Tue, 31 Dec 2030 23:59:59 GMT; secure; HttpOnly', cookie.to_s)
   end