Created
September 13, 2020 23:49
-
-
Save bennadel/b463af3457d400a028be92943fb8265f to your computer and use it in GitHub Desktop.
Accessing Cookies With The Same Name In Lucee CFML 5.3.6.61
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfscript> | |
| // With "benben" as lowercase. | |
| cookie[ "benben" ] = { | |
| value: "lowercase for general", | |
| domain: ".local.invisionapp.com", | |
| secure: true, | |
| preserveCase: true, | |
| expires: "never" | |
| }; | |
| cookie[ "benben" ] = { | |
| value: "lowercase for specific", | |
| domain: ".projects.local.invisionapp.com", | |
| secure: true, | |
| preserveCase: true, | |
| expires: "never" | |
| }; | |
| // With "benben" as uppercase. | |
| cookie[ "BENBEN" ] = { | |
| value: "uppercase for general", | |
| domain: ".local.invisionapp.com", | |
| secure: true, | |
| preserveCase: true, | |
| expires: "never" | |
| }; | |
| cookie[ "BENBEN" ] = { | |
| value: "uppercase for specific", | |
| domain: ".projects.local.invisionapp.com", | |
| secure: true, | |
| preserveCase: true, | |
| expires: "never" | |
| }; | |
| </cfscript> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfscript> | |
| // Compare the Lucee-exposed Cookie scope to what's actually in the HTTP headers. | |
| dump( label = "Cookie Scope", var = cookie ); | |
| dump( label = "Cookie Headers", var = getCookieHeaders() ); | |
| // ------------------------------------------------------------------------------- // | |
| // ------------------------------------------------------------------------------- // | |
| /** | |
| * I parse the HTTP Cookie Header into a collection of name/value pairs. | |
| */ | |
| public array function getCookieHeaders() { | |
| var httpHeaders = getHttpRequestData().headers; | |
| var cookieHeader = ( httpHeaders.cookie ?: "" ); | |
| var results = cookieHeader | |
| .listToArray( ";" ) | |
| .map( | |
| ( pair ) => { | |
| // CAUTION: I don't actually know much about the security rules | |
| // around cookie encoding. As such, I'm going to use the strictest | |
| // parsing rules in canonicalize(), which will throw an error for | |
| // double-encoding and mixed-encoding formats. This may not be what | |
| // is appropriate for cookies. | |
| // -- | |
| // If you wanted a more relaxed version, you could just use the | |
| // urlDecode() function for general URL escape sequences. | |
| var sanitizedPair = ( canonicalize( pair, true, true ) ?: "" ); | |
| return({ | |
| name: sanitizedPair.listFirst( "=" ).trim(), | |
| value: sanitizedPair.listRest( "=" ).trim() | |
| }); | |
| } | |
| ) | |
| ; | |
| return( results ); | |
| } | |
| </cfscript> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment