Skip Menu |

This queue is for tickets about the libwww-perl CPAN distribution.

Report information
The Basics
Id: 38480
Status: resolved
Priority: 0/
Queue: libwww-perl
People
Owner: Nobody in particular
Requestors: robert.stockdale [...] gmail.com
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in:
  • 5.10
  • 5.18
  • 5.22
  • 5.36
  • 5.43
  • 5.44
  • 5.45
  • 5.46
  • 5.47
  • 5.48
  • 5.49
  • 5.50
  • 5.51
  • 5.52
  • 5.53
  • 5.53_97
  • 5.60
  • 5.61
  • 5.62
  • 5.63
  • 5.64
  • 5.65
  • 5.66
  • 5.67
  • 5.68
  • 5.69
  • 5.70
  • 5.71
  • 5.72
  • 5.73
  • 5.74
  • 5.75
  • 5.76
  • 5.77
  • 5.78
  • 5.79
  • 5.800
  • 5.801
  • 5.802
  • 5.803
  • 5.804
  • 5.805
  • 5.806
  • 5.807
  • 5.808
  • 5.810
  • 5.811
  • 5.812
  • 5.813
  • 5.814
Fixed in: (no value)

History Show all quoted text
  Thu Aug 14 09:49:59 2008 robert.stockdale [...] gmail.com - Ticket created
Subject: [PATCH] HTTP::Cookies produces warnings for undefined cookie param names
HTTP::Cookies produces warnings when a malformed cookie is set. Specifically when there is no key for a cookie param as shown immediately preceding the "version" param in this example: Set-Cookie3: cosign-shibboleth=8hGufDmgGkvh467qSZySOu6X4AHViO; path="/"; domain=shibboleth.somedomain.com; path_spec; discard; ; version=0 The two line patch to prevent warnings is attached.
Subject: cookies.patch
--- Cookies.pm.old Thu Aug 14 09:40:41 2008 +++ Cookies.pm Thu Aug 14 09:44:45 2008 @@ -218,8 +218,9 @@ my $param; my $expires; my $first_param = 1; - for $param (split(/;\s*/, $set)) { + SET_PARAM: for $param (split(/;\s*/, $set)) { my($k,$v) = split(/\s*=\s*/, $param, 2); + next SET_PARAM unless defined $k; if (defined $v) { $v =~ s/\s+$//; #print "$k => $v\n";
  Thu Aug 14 12:38:02 2008 GAAS [...] cpan.org - Correspondence added
Can you provide a trivial program that just construct a response object and then call $jar->extract_cookies on it that fails the way you say. I don't understand under what circumstances $k could ever be undefined. Need a test case for the test suite. Your Set-Cookie3 isn't helpful as that header would never be parsed anyways.
  Thu Aug 14 12:38:04 2008 The RT System itself - Status changed from 'new' to 'open'
  Fri Aug 15 12:05:49 2008 robert.stockdale [...] gmail.com - Correspondence added
From: robert.stockdale [...] gmail.com
On Thu Aug 14 12:38:02 2008, GAAS wrote: Show quoted text
> Can you provide a trivial program that just construct a response object > and then call $jar->extract_cookies on it that fails the way you say. I > don't understand under what circumstances $k could ever be undefined. > Need a test case for the test suite.
The attached file should do the trick. Show quoted text
> Your Set-Cookie3 isn't helpful as that header would never be parsed
anyways. Sorry about that. Dumped that out using the as_string method, which I'm sure you know uses Set-Cookie3 by default. :-)
#!/usr/local/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use HTTP::Response; my $mech = WWW::Mechanize->new(); $mech->get('https://myub.buffalo.edu'); my $request = $mech->response()->request(); my $response = HTTP::Response->parse(q{Set-Cookie: cosign-shibboleth=aAcCYwNtXj1fEF+uvgocqN2UhMuy8Fjd0;;path=/}); $response->request($request); my $jar = HTTP::Cookies->new(); $jar->extract_cookies($mech->response());
  Fri Aug 15 12:09:12 2008 robert.stockdale [...] gmail.com - Correspondence added
From: robert.stockdale [...] gmail.com
You can also modify the script slightly to use the response that is created by the parse() method. Both produce warnings.
  Fri Aug 15 12:35:18 2008 GAAS [...] cpan.org - Correspondence added
On Fri Aug 15 12:09:12 2008, stocks29 wrote: Show quoted text
> You can also modify the script slightly to use the response that is > created by the parse() method. Both produce warnings.
Something like this was what I wanted. This produce the warning with the minimal set of modules in use. #!/usr/local/bin/perl -w use strict; use warnings; use HTTP::Cookies; use HTTP::Response; use HTTP::Request; my $response = HTTP::Response->parse(<<EOT); 200 OK Set-Cookie: cosign-shibboleth=aAcCYwNtXj1fEF+uvgocqN2UhMuy8Fjd0;;path=/ EOT $response->request(HTTP::Request->new(GET => "https://myub.buffalo.edu")); my $jar = HTTP::Cookies->new(); $jar->extract_cookies($response);
  Fri Aug 15 13:01:35 2008 GAAS [...] cpan.org - Correspondence added
commit 1ded87d850fd7214abf0e0283573ac456ecf6dc5 Author: Gisle Aas <gisle@aas.no> Date: Fri Aug 15 18:59:12 2008 +0200 HTTP::Cookies produces warnings for undefined cookie param names [RT#38480] diff --git a/lib/HTTP/Cookies.pm b/lib/HTTP/Cookies.pm index 7abc4b2..6aabfdb 100644 --- a/lib/HTTP/Cookies.pm +++ b/lib/HTTP/Cookies.pm @@ -214,11 +214,13 @@ sub extract_cookies my $set; for $set (@ns_set) { + $set =~ s/^\s+//; my @cur; my $param; my $expires; my $first_param = 1; for $param (split(/;\s*/, $set)) { + next unless length($param); my($k,$v) = split(/\s*=\s*/, $param, 2); if (defined $v) { $v =~ s/\s+$//; diff --git a/t/base/cookies.t b/t/base/cookies.t index e6e3ac5..7f71bd1 100644 --- a/t/base/cookies.t +++ b/t/base/cookies.t @@ -1,4 +1,4 @@ -print "1..43\n"; +print "1..44\n"; #use LWP::Debug '+'; use HTTP::Cookies; @@ -668,6 +668,16 @@ print "not " unless $c->as_string eq <<'EOT'; print "ok 43\n"; Set-Cookie3: CUSTOMER=WILE_E_COYOTE; path="/"; domain=example.com; path_spec; discard; version=0 EOT +# Test empty cookie part [RT#38480] +$c = HTTP::Cookies->new; +$res->header("Set-Cookie" => "CUSTOMER=WILE_E_COYOTE;;path=/;"); +#print $res->as_string; +$c->extract_cookies($res); +#print $c->as_string; +print "not " unless $c->as_string eq <<'EOT'; print "ok 44\n"; +Set-Cookie3: CUSTOMER=WILE_E_COYOTE; path="/"; domain=example.com; path_spec; discard; version=0 +EOT + #-------------------------------------------------------------------
  Fri Aug 15 13:01:37 2008 GAAS [...] cpan.org - Status changed from 'open' to 'resolved'