Skip to content
This repository has been archived by the owner on Jan 5, 2024. It is now read-only.

cookiejar should ignore cookie attributes that it does not recognize. #19

Open
mgsococo opened this issue Oct 31, 2014 · 0 comments
Open

cookiejar should ignore cookie attributes that it does not recognize. #19

mgsococo opened this issue Oct 31, 2014 · 0 comments

Comments

@mgsococo
Copy link

Currently, cookiejar raises an exception when a cookie has an attribute/parameter that the cookiejar parser does not recognize. It also fails to parse cookies in headers if it contains unrecognized attributes. It should ignore the attribute rather than raise an exception. This is in violation of all current and former RFCs describing implementation of cookies.

irb(main):008:0> jar.set_cookie(u, 'foo=bar; RandomAttribute=1')
CookieJar::InvalidCookieError: Unknown cookie parameter 'randomattribute'

RFC 6525 4.1.2 "User agents ignore unrecognized cookie attributes (but not the entire cookie)."

RFC 2965 3.3 "The user agent MUST ignore attribute-value pairs whose attribute it does not recognize."

RFC 2109 10.1.1 "An "old" client that receives a "new" cookie will ignore attributes it does not understand; it returns what it does understand to the origin server."
@sfeuga sfeuga mentioned this issue Oct 18, 2017
Open
pre added a commit to smartlyio/cookiejar that referenced this issue May 17, 2018
@pre
MONKEY PATCH: Remove check which fails with .domain.com cookies
d25b372 
There has been an open issue in cookiejar Gem since 2014.
The project seems unmaintained, but it's used by the faye gem.

References:
* restforce/restforce#120
* dwaite#19
* dwaite#23
@rodrigotomonari rodrigotomonari mentioned this issue Jan 10, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mgsococo