diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/cgi/test_cgi_cookie.rb | 7 | ||||
-rw-r--r-- | test/webrick/test_cookie.rb | 9 |
2 files changed, 14 insertions, 2 deletions
diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb index ae7b14a4dd..ca81e41133 100644 --- a/test/cgi/test_cgi_cookie.rb +++ b/test/cgi/test_cgi_cookie.rb @@ -88,9 +88,12 @@ class CGICookieTest < Test::Unit::TestCase assert_equal(name, cookie.name) assert_equal(value, cookie.value) end - ## ',' separator - cookie_str = 'name1=val1&val2, name2=val2&%26%3C%3E%22&%E3%82%86%E3%82%93%E3%82%86%E3%82%93,_session_id=12345' + ## don't allow ',' separator + cookie_str = 'name1=val1&val2, name2=val2' cookies = CGI::Cookie.parse(cookie_str) + list = [ + ['name1', ['val1', 'val2, name2=val2']], + ] list.each do |name, value| cookie = cookies[name] assert_equal(name, cookie.name) diff --git a/test/webrick/test_cookie.rb b/test/webrick/test_cookie.rb index ebbc5939dc..e46185f127 100644 --- a/test/webrick/test_cookie.rb +++ b/test/webrick/test_cookie.rb @@ -49,11 +49,20 @@ class TestWEBrickCookie < Test::Unit::TestCase data = "hoge=moge; __div__session=9865ecfd514be7f7" cookies = WEBrick::Cookie.parse(data) + assert_equal(2, cookies.size) assert_equal(0, cookies[0].version) assert_equal("hoge", cookies[0].name) assert_equal("moge", cookies[0].value) assert_equal("__div__session", cookies[1].name) assert_equal("9865ecfd514be7f7", cookies[1].value) + + # don't allow ,-separator + data = "hoge=moge, __div__session=9865ecfd514be7f7" + cookies = WEBrick::Cookie.parse(data) + assert_equal(1, cookies.size) + assert_equal(0, cookies[0].version) + assert_equal("hoge", cookies[0].name) + assert_equal("moge, __div__session=9865ecfd514be7f7", cookies[0].value) end def test_parse_no_whitespace |