gist: 221171


  
      CookieBehaviourTest.pl #
    
    
        embed
        
      
      raw
    
  
            1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159

          
              #!/usr/bin/perl
use strict;
use warnings;
 
use HTTP::Engine;
 
my $engine = HTTP::Engine->new(
  interface => {
    module => 'ServerSimple',
    args   => {
      host => 'localhost',
      port => '8080',
    },
    request_handler => \&handle_request,
  },
);
 
use HTTP::Engine::Response;
 
sub fisher_yates_shuffle {
  my $deck = shift;    # $deck is a reference to an array
  return unless @$deck;    # must not be empty!
 
  my $i = @$deck;
  while ( --$i ) {
    my $j = int rand( $i + 1 );
    @$deck[ $i, $j ] = @$deck[ $j, $i ];
  }
}
 
sub randcookie {
  my (@chars) = map { chr($_) } map { ord('A') .. ord('z') } 1 .. 10;
  fisher_yates_shuffle( \@chars );
  return join '', @chars[ 0 .. 10 ];
}
 
sub handle_request {
  my $req  = shift;
  my $resp = HTTP::Engine::Response->new();
 
  use YAML::XS qw( Dump );
 
  my $ctext = Dump({
      cookies => $req->cookies ,
      headers => $req->headers,
      request_uri => $req->request_uri,
  }  );
 
  $resp->status(200);
  $resp->headers->header( 'Content-Type' => 'text/plain' );
  $resp->body( $ctext );
 
  if( $req->request_uri =~ qr{/normal$} ){
    normal_cookies( $resp );
    return $resp;
  }
  if( $req->request_uri =~ qr{/normal2$} ){
    normal_cookies2( $resp );
    return $resp;
  }
 
  if( $req->request_uri =~ qr{/weird$} ){
    weird_cookies( $resp );
    return $resp;
  }
  if( $req->request_uri =~ qr{/weird2$} ){
    weird_cookies2( $resp );
    return $resp;
  }
  if( $req->request_uri =~ qr{/weird3$} ){
    weird_cookies3( $resp );
    return $resp;
  }
  if( $req->request_uri =~ qr{/weird4$} ){
    weird_cookies4( $resp );
    return $resp;
  }
 
 
  $resp->headers->header( 'Content-Type' => "text/html" );
  $resp->body(<<'EOF');
  <ul>
  <li><a href="/weird">Weird Cookies ( 2 cookies, 1 path, 1 string ) </a>
  <li><a href="/weird2">Weird Cookies2 ( 2 cookies, 1 path, array ) </a>
  <li><a href="/weird3">Weird Cookies3 ( 2 cookies, 2 paths, 1 string ) </a>
  <li><a href="/weird4">Weird Cookies4 ( 2 cookies, 2 paths, array ) </a>
 
  <li><a href="/normal">Normal Cookies ( 1 value, 1 path ) </a>
  <li><a href="/normal2">Normal Cookies2 ( 1 path, valuearray )( WARNING: Kills Server )</a>
  </ul>
EOF
 
  return $resp;
}
 
# Firefox only returns the most recently set value of foo.
 
sub normal_cookies {
  my $resp = shift;
  $resp->cookies->{foo} = { value => randcookie() };
}
 
# Firefox only returns the most recently set value of foo.
 
sub normal_cookies2 {
  my $resp = shift;
  # this is illegal.
  $resp->cookies->{foo} = [
    { value => 'A' . randcookie() },
    { value => 'B' . randcookie() },
  ];
}
 
#
#
# Note: We sent 2 cookies with identical keys,
# but firefox only sees the first, and returns only the first.
#
sub weird_cookies {
  my $resp = shift;
  $resp->headers->header('Set-Cookie' => 'foo=A' . randcookie(). '; path=/; foo=B' . randcookie() . '; path=/;' );
}
 
#
# This also sends 2 cookies, but puts a \n in the response, ie:
# >>
# Connection: close
# Content-Length: 586
# Content-Type: text/plain
# Set-Cookie: foo=AqZI_GmTOBlV; path=/;
# foo=BwMD^frWvQoW; path=/;
# Status: 200
# >>
 
# Firefox in this case only sees the last cookie.
#
sub weird_cookies2 {
  my $resp = shift;
  $resp->headers->header('Set-Cookie' => [
    'foo=A' . randcookie(). '; path=/;',
    'foo=B' . randcookie() . '; path=/;'
  ]);
}
 
sub weird_cookies3 {
  my $resp = shift;
  $resp->headers->header('Set-Cookie' => 'foo=A' . randcookie(). '; path=/; foo=B' . randcookie() . '; path=/wierd3;' );
}
 
sub weird_cookies4 {
  my $resp = shift;
  $resp->headers->header('Set-Cookie' => [
    'foo=A' . randcookie(). '; path=/;',
    'foo=B' . randcookie() . '; path=/weird4;'
  ]);
}
 
$engine->run();
 
            
      Text only #
    
    
        embed
        
      
      raw
    
  
            1
2
3
4
5
6
7
8
9
10
11

          
              I wrote a simple test server to demonstrate plainly how browsers react to various cookies, just to make sure we're not making things up, and it confers with our logic, that adding more cookie headers with the same value result in replacing the key.  
 
http://gist.github.com/221171
 
as such, the test 
 
ok($req->header("Cookie"), "x=bcd; foo=1; foo=1");  
 
is something that should never happen, at least on firefox. 
 
I can't imagine a sane case where you'd actually want to store the same cookie with the same key name twice, with either differing or the same value ... I think I shall report this as a bug.
Public Clone URL:	git://gist.github.com/221171.git Give this clone URL to anyone. `git clone git://gist.github.com/221171.git gist-221171`
Embed All Files:	show embed