Project

General

Profile

Actions

Bug #4964

closed

open-uri failed to handle multiple "Set-Cookie" headers

Added by tdsparrow (ren li) over 12 years ago. Updated almost 11 years ago.

Status:
Closed
Target version:
ruby -v:
ruby 1.9.2p174 (2011-01-28 revision 30696) [i686-linux]
Backport:
[ruby-core:37734]

Description

=begin
== Problem
open-uri handle multiple "Set-Cookie" headers in a wrong way. Given a header from http server like:

   Set-Cookie: name1=value1; blabla
   Set-Cookie: name2=value2; blabla

open-uri will pack it into meta info of result like:

   Set-Cookie: name1=value; blabla, name2=value2; blabla

The problem is that line 332 of open-uri.rb
resp.each {|name,value| buf.io.meta_add_field name, value }

In turn will call invoke code in net/http.rb to join headers with ",".

== ruby -v:
ruby 1.9.2p174 (2011-01-28 revision 30696) [i686-linux]

== code:
require 'open-uri'
begin
open "http://douban.fm", :redirect => false
rescue OpenURI::HTTPRedirect => redirect
redirect.io.meta['set-cookie']
end

=end

Updated by naruse (Yui NARUSE) over 12 years ago

  • Category set to lib
  • Status changed from Open to Assigned
  • Assignee set to akr (Akira Tanaka)
  • Target version set to 1.9.3

Updated by nahi (Hiroshi Nakamura) over 12 years ago

As the original reporter said. Akr, we should use resp.to_hash instead of resp.each to avoid HTTP header concatenation.

It would introduce meta values incompatibility (String -> Array of String) so I propose to change the target version to '1.9.4'.

Updated by akr (Akira Tanaka) over 12 years ago

  • Target version changed from 1.9.3 to 2.0.0

I think we can fix the problem without incompatibility.
(new method to return array of field bodies for a field name.)

It needs new feature, though.

Updated by zzak (zzak _) about 11 years ago

This seems like feature, should move it to next minor or major?

Updated by naruse (Yui NARUSE) about 11 years ago

  • Target version changed from 2.0.0 to 2.6
Actions #6

Updated by akr (Akira Tanaka) almost 11 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r40207.
ren, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • lib/open-uri.rb: Support multiple fields with same field
    name (like Set-Cookie).
    (OpenURI::Meta#metas): New accessor to obtain fields as a Hash from
    field name (string) to field values (array of strings).
    [ruby-core:37734] [Bug #4964] reported by ren li.
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0