handle spaces within av pair

CrowdHailer · lpil · commit 390a2b81bf2e · 2020-08-04T11:30:37.000+01:00
diff --git a/src/gleam/http.gleam b/src/gleam/http.gleam
@@ -499,6 +499,8 @@ fn parse_cookie_list(cookie_string) {
       case string.split_once(string.trim(pair), "=") {
         Ok(tuple("", _)) -> Error(Nil)
         Ok(tuple(key, value)) -> {
+            let key = string.trim(key)
+            let value = string.trim(value)
           try _ = check_token(bit_string.from_string(key))
           try _ = check_token(bit_string.from_string(value))
           Ok(tuple(key, value))
@@ -571,5 +573,5 @@ pub fn set_resp_cookie(resp, key, value, attributes) {
 }
 
 pub fn expire_resp_cookie(resp, key, attributes) {
-    set_resp_cookie(resp, key, "", cookie.expire_attributes(attributes))
+  set_resp_cookie(resp, key, "", cookie.expire_attributes(attributes))
 }
diff --git a/src/gleam/http/cookie.gleam b/src/gleam/http/cookie.gleam
@@ -13,7 +13,6 @@ pub type SameSitePolicy {
 
 pub type Attributes {
   Attributes(
-    // Expires is deprecated, we can still serialize a value for max compatibility
     max_age: Option(Int),
     domain: Option(String),
     path: Option(String),
@@ -47,34 +46,33 @@ pub fn default_attributes() {
 }
 
 fn same_site_to_string(policy) {
-    case policy {
-        Lax ->  "Lax"
-        Strict -> "Strict"
-        None -> "None"
-    }
+  case policy {
+    Lax -> "Lax"
+    Strict -> "Strict"
+    None -> "None"
+  }
 }
 
 pub fn expire_attributes(attributes) {
-    let Attributes(
-      max_age: _max_age,
-      domain: domain,
-      path: path,
-      secure: secure,
-      http_only: http_only,
-      same_site: same_site,
-    ) = attributes
-    Attributes(
-      max_age: Some(0),
-      domain: domain,
-      path: path,
-      secure: secure,
-      http_only: http_only,
-      same_site: same_site,
-    )
+  let Attributes(
+    max_age: _max_age,
+    domain: domain,
+    path: path,
+    secure: secure,
+    http_only: http_only,
+    same_site: same_site,
+  ) = attributes
+  Attributes(
+    max_age: Some(0),
+    domain: domain,
+    path: path,
+    secure: secure,
+    http_only: http_only,
+    same_site: same_site,
+  )
 }
 
-
-pub fn attributes_to_list(attributes) {
+fn attributes_to_list(attributes) {
   let Attributes(
     max_age: max_age,
     domain: domain,
@@ -84,9 +82,13 @@ pub fn attributes_to_list(attributes) {
     same_site: same_site,
   ) = attributes
   [
+    // Expires is a deprecated attribute for cookies, it has been replaced with MaxAge
+    // MaxAge is widely supported and so Expires values are not set.
+    // Only when deleting cookies is the exception made to use the old format,
+    // to ensure complete clearup of cookies if required by an application.
     case max_age {
-        Some(0) -> Some(["expires=Thu, 01 Jan 1970 00:00:00 GMT"])
-        _ -> option.None
+      Some(0) -> Some(["Expires=Thu, 01 Jan 1970 00:00:00 GMT"])
+      _ -> option.None
     },
     option.map(max_age, fn(max_age) { ["MaxAge=", int.to_string(max_age)] }),
     option.map(domain, fn(domain) { ["Domain=", domain] }),
@@ -112,5 +114,3 @@ pub fn set_cookie_string(key, value, attributes) {
   |> list.map(string.join(_, ""))
   |> string.join("; ")
 }
-// // Plug sets secure true automatically if request/conn is https
-// // https://github.com/elixir-plug/plug/blob/v1.10.3/lib/plug/conn.ex#L1464
diff --git a/test/gleam/http_test.gleam b/test/gleam/http_test.gleam
@@ -793,7 +793,7 @@ pub fn get_req_cookies_test() {
   |> should.equal([tuple("k1", "v1"), tuple("k2", "v2")])
 
   http.default_req()
-  |> http.prepend_req_header("cookie", " k1=v1 ; k2=v2 ")
+  |> http.prepend_req_header("cookie", " k1  =  v1 ; k2=v2 ")
   |> http.get_req_cookies()
   |> should.equal([tuple("k1", "v1"), tuple("k2", "v2")])
 
@@ -855,8 +855,10 @@ pub fn set_resp_cookie_test() {
 }
 
 pub fn expire_resp_cookie_test() {
-    http.response(200)
-    |> http.expire_resp_cookie("k1" , cookie.default_attributes())
-    |> http.get_resp_header("set-cookie")
-    |> should.equal(Ok("k1=; expires=Thu, 01 Jan 1970 00:00:00 GMT; MaxAge=0; Path=/; HttpOnly"))
+  http.response(200)
+  |> http.expire_resp_cookie("k1", cookie.default_attributes())
+  |> http.get_resp_header("set-cookie")
+  |> should.equal(
+    Ok("k1=; expires=Thu, 01 Jan 1970 00:00:00 GMT; MaxAge=0; Path=/; HttpOnly"),
+  )
 }

Original file line number	Diff line number	Diff line change
`@@ -499,6 +499,8 @@ fn parse_cookie_list(cookie_string) {`
`499`	`499`	`case string.split_once(string.trim(pair), "=") {`
`500`	`500`	`Ok(tuple("", _)) -> Error(Nil)`
`501`	`501`	`Ok(tuple(key, value)) -> {`
	`502`	`+ let key = string.trim(key)`
	`503`	`+ let value = string.trim(value)`
`502`	`504`	`try _ = check_token(bit_string.from_string(key))`
`503`	`505`	`try _ = check_token(bit_string.from_string(value))`
`504`	`506`	`Ok(tuple(key, value))`
`@@ -571,5 +573,5 @@ pub fn set_resp_cookie(resp, key, value, attributes) {`
`571`	`573`	`}`
`572`	`574`
`573`	`575`	`pub fn expire_resp_cookie(resp, key, attributes) {`
`574`		`- set_resp_cookie(resp, key, "", cookie.expire_attributes(attributes))`
	`576`	`+ set_resp_cookie(resp, key, "", cookie.expire_attributes(attributes))`
`575`	`577`	`}`