Bug in WEBrick::Cookie

Hi. I’m not sure if this is the correct mailing list for this, but…
I
think that WEBrick::parse_set_cookie should return an
array of cookies rather than just one. RFC2109 section 4.2.2 says:

Informally, the Set-Cookie response header comprises the token Set-
Cookie:, followed by a comma-separated list of one or more cookies.

I’ve found at least one site (http://mail.google.com/mail/) sending
multiple
cookies in one Set-Cookie header. I’ve included a patch below that made
it work a bit better for me. Sorry the patch is kind of long because I
indented stuff…

This also seems to be a problem in CGI::parse.

–Aaron

— lib/webrick/cookie.rb.old 2006-09-01 20:38:39.000000000 -0700
+++ lib/webrick/cookie.rb 2006-09-01 20:41:04.000000000 -0700
@@ -77,28 +77,32 @@
end

 def self.parse_set_cookie(str)

•  cookie_elem = str.split(/;/)
  

•  first_elem = cookie_elem.shift
  

•  first_elem.strip!
  

•  key, value = first_elem.split(/=/, 2)
  

•  cookie = new(key, HTTPUtils.dequote(value))
  

•  cookie_elem.each{|pair|
  

•    pair.strip!
  

•    key, value = pair.split(/=/, 2)
  

•    if value
  

•      value = HTTPUtils.dequote(value.strip)
  

•    end
  

•    case key.downcase
  

•    when "domain"  then cookie.domain  = value
  

•    when "path"    then cookie.path    = value
  

•    when "expires" then cookie.expires = value
  

•    when "max-age" then cookie.max_age = Integer(value)
  

•    when "comment" then cookie.comment = value
  

•    when "version" then cookie.version = Integer(value)
  

•    when "secure"  then cookie.secure = true
  

•    end
  

•  cookies = []
  

•  str.gsub(/(,([^;,]*=)|,$)/) { "\r\n#{$2}" }.split(/\r\n/).each { 
  

|c|

•    cookie_elem = c.split(/;/)
  

•    first_elem = cookie_elem.shift
  

•    first_elem.strip!
  

•    key, value = first_elem.split(/=/, 2)
  

•    cookie = new(key, HTTPUtils.dequote(value))
  

•    cookie_elem.each{|pair|
  

•      pair.strip!
  

•      key, value = pair.split(/=/, 2)
  

•      if value
  

•        value = HTTPUtils.dequote(value.strip)
  

•      end
  

•      case key.downcase
  

•      when "domain"  then cookie.domain  = value
  

•      when "path"    then cookie.path    = value
  

•      when "expires" then cookie.expires = value
  

•      when "max-age" then cookie.max_age = Integer(value)
  

•      when "comment" then cookie.comment = value
  

•      when "version" then cookie.version = Integer(value)
  

•      when "secure"  then cookie.secure = true
  

•      end
  

•    }
  

•    cookies << cookie
   }
  

•  return cookie
  

•  return cookies
  

  end
  end
  end