CGI::Cookie.parse problem?


#1

Hi,

I’m interfacing with a site that is sending me back a cookie like
the following, in the HTTP ‘set-cookie’ field.

require 'cgi'

raw_cookie =
  "ID=867.5309; path=/; domain=site.com, " +
  "SESS_mem=deleted; expires=Mon, 24 Jan 2005 19:48:10 GMT; path=/; 
domain=.site.com, " +
  "SESS_mem=deleted; expires=Mon, 24 Jan 2005 19:48:10 GMT; path=/; 
domain=.site.com, " +
  "SESS_mem=xyzzy-plugh-plover; path=/; domain=.site.com"

k = CGI::Cookie.parse(raw_cookie)

p k

This program outputs:

{“expires”=>[“Mon, 24 Jan 2005 19:48:10 GMT”],
“domain”=>[“site.com, SESS_mem=deleted”],
“ID”=>[“867.5309”], “path”=>["/"]}

Is this a reasonable way for this set-cookie data to be parsed? It
seems
that CGI::Cookie.parse() isn’t aware that there are multiple cookies
specified in the data… It’s sort of giving a mixture of fields from
the four separate cookies.

Looking at the RFC, http://www.faqs.org/rfcs/rfc2965.html
it seems to me the above raw_cookie data, conforms to the spec:

Informally, the Set-Cookie2 response header comprises the token Set-
Cookie2:, followed by a comma-separated list of one or more cookies.
Each cookie begins with a NAME=VALUE pair, followed by zero or more
semi-colon-separated attribute-value pairs.

Has anyone else run into this? I tried Perl’s CGI cookie parsing and
it returned similarly garbled results for this set-cookie data.

So I’m wondering if it’s really a bug? Or if I’m somehow misusing
CGI::Cookie.parse() , sending it the wrong format data, or whatever.

Thanks,

Regards,

Bill


#2

[replying to my own post]

So I’m wondering if it’s really a bug? Or if I’m somehow misusing
CGI::Cookie.parse() , sending it the wrong format data, or whatever.

Ah… It seems the problem is I’m trying to parse server->client
cookies, which are apparently of a different syntax than
client->server cookies.

I’ve written my own simplistic ServerCookie parser to meet my
current needs. But, anyone know if a ServerCookie parser already
exists for Ruby?

Thanks,

Bill