#!perl -w
use strict;
# to have a consistent baseline, we nail the current time
# to 100 seconds after the epoch
BEGIN {
*CORE::GLOBAL::time = sub { 100 };
}
use Test::More 'no_plan';
use CGI::Util qw(escape unescape);
use POSIX qw(strftime);
use CGI::Cookie;
#-----------------------------------------------------------------------------
# make sure module loaded
#-----------------------------------------------------------------------------
my @test_cookie = (
# including leading and trailing whitespace in first cookie
' foo=123 ; bar=qwerty; baz=wibble; qux=a1',
'foo=123; bar=qwerty; baz=wibble;',
'foo=vixen; bar=cow; baz=bitch; qux=politician',
'foo=a%20phrase; bar=yes%2C%20a%20phrase; baz=%5Ewibble; qux=%27',
);
#-----------------------------------------------------------------------------
# Test parse
#-----------------------------------------------------------------------------
{
my $result = CGI::Cookie->parse($test_cookie[0]);
is(ref($result), 'HASH', "Hash ref returned in scalar context");
my @result = CGI::Cookie->parse($test_cookie[0]);
is(@result, 8, "returns correct number of fields");
@result = CGI::Cookie->parse($test_cookie[1]);
is(@result, 6, "returns correct number of fields");
my %result = CGI::Cookie->parse($test_cookie[0]);
is($result{foo}->value, '123', "cookie foo is correct");
is($result{bar}->value, 'qwerty', "cookie bar is correct");
is($result{baz}->value, 'wibble', "cookie baz is correct");
is($result{qux}->value, 'a1', "cookie qux is correct");
my @array = CGI::Cookie->parse('');
my $scalar = CGI::Cookie->parse('');
is_deeply(\@array, [], " parse('') returns an empty array in list context (undocumented)");
is_deeply($scalar, {}, " parse('') returns an empty hashref in scalar context (undocumented)");
@array = CGI::Cookie->parse(undef);
$scalar = CGI::Cookie->parse(undef);
is_deeply(\@array, [], " parse(undef) returns an empty array in list context (undocumented)");
is_deeply($scalar, {}, " parse(undef) returns an empty hashref in scalar context (undocumented)");
}
#-----------------------------------------------------------------------------
# Test fetch
#-----------------------------------------------------------------------------
{
# make sure there are no cookies in the environment
delete $ENV{HTTP_COOKIE};
delete $ENV{COOKIE};
my %result = CGI::Cookie->fetch();
ok(keys %result == 0, "No cookies in environment, returns empty list");
# now set a cookie in the environment and try again
$ENV{HTTP_COOKIE} = $test_cookie[2];
%result = CGI::Cookie->fetch();
ok(eq_set([keys %result], [qw(foo bar baz qux)]),
"expected cookies extracted");
is(ref($result{foo}), 'CGI::Cookie', 'Type of objects returned is correct');
is($result{foo}->value, 'vixen', "cookie foo is correct");
is($result{bar}->value, 'cow', "cookie bar is correct");
is($result{baz}->value, 'bitch', "cookie baz is correct");
is($result{qux}->value, 'politician', "cookie qux is correct");
# Delete that and make sure it goes away
delete $ENV{HTTP_COOKIE};
%result = CGI::Cookie->fetch();
ok(keys %result == 0, "No cookies in environment, returns empty list");
# try another cookie in the other environment variable thats supposed to work
$ENV{COOKIE} = $test_cookie[3];
%result = CGI::Cookie->fetch();
ok(eq_set([keys %result], [qw(foo bar baz qux)]),
"expected cookies extracted");
is(ref($result{foo}), 'CGI::Cookie', 'Type of objects returned is correct');
is($result{foo}->value, 'a phrase', "cookie foo is correct");
is($result{bar}->value, 'yes, a phrase', "cookie bar is correct");
is($result{baz}->value, '^wibble', "cookie baz is correct");
is($result{qux}->value, "'", "cookie qux is correct");
}
#-----------------------------------------------------------------------------
# Test raw_fetch
#-----------------------------------------------------------------------------
{
# make sure there are no cookies in the environment
delete $ENV{HTTP_COOKIE};
delete $ENV{COOKIE};
my %result = CGI::Cookie->raw_fetch();
ok(keys %result == 0, "No cookies in environment, returns empty list");
# now set a cookie in the environment and try again
$ENV{HTTP_COOKIE} = $test_cookie[2];
%result = CGI::Cookie->raw_fetch();
ok(eq_set([keys %result], [qw(foo bar baz qux)]),
"expected cookies extracted");
is(ref($result{foo}), '', 'Plain scalar returned');
is($result{foo}, 'vixen', "cookie foo is correct");
is($result{bar}, 'cow', "cookie bar is correct");
is($result{baz}, 'bitch', "cookie baz is correct");
is($result{qux}, 'politician', "cookie qux is correct");
# Delete that and make sure it goes away
delete $ENV{HTTP_COOKIE};
%result = CGI::Cookie->raw_fetch();
ok(keys %result == 0, "No cookies in environment, returns empty list");
# try another cookie in the other environment variable thats supposed to work
$ENV{COOKIE} = $test_cookie[3];
%result = CGI::Cookie->raw_fetch();
ok(eq_set([keys %result], [qw(foo bar baz qux)]),
"expected cookies extracted");
is(ref($result{foo}), '', 'Plain scalar returned');
is($result{foo}, 'a%20phrase', "cookie foo is correct");
is($result{bar}, 'yes%2C%20a%20phrase', "cookie bar is correct");
is($result{baz}, '%5Ewibble', "cookie baz is correct");
is($result{qux}, '%27', "cookie qux is correct");
$ENV{COOKIE} = '$Version=1; foo; $Path="/test"';
%result = CGI::Cookie->raw_fetch();
is($result{foo}, '', 'no value translates to empty string');
}
#-----------------------------------------------------------------------------
# Test new
#-----------------------------------------------------------------------------
{
# Try new with full information provided
my $c = CGI::Cookie->new(-name => 'foo',
-value => 'bar',
-expires => '+3M',
-domain => '.capricorn.com',
-path => '/cgi-bin/database',
-secure => 1,
-httponly=> 1
);
is(ref($c), 'CGI::Cookie', 'new returns objects of correct type');
is($c->name , 'foo', 'name is correct');
is($c->value , 'bar', 'value is correct');
like($c->expires, '/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i', 'expires in correct format');
is($c->domain , '.capricorn.com', 'domain is correct');
is($c->path , '/cgi-bin/database', 'path is correct');
ok($c->secure , 'secure attribute is set');
ok( $c->httponly, 'httponly attribute is set' );
# now try it with the only two manditory values (should also set the default path)
$c = CGI::Cookie->new(-name => 'baz',
-value => 'qux',
);
is(ref($c), 'CGI::Cookie', 'new returns objects of correct type');
is($c->name , 'baz', 'name is correct');
is($c->value , 'qux', 'value is correct');
ok(!defined $c->expires, 'expires is not set');
ok(!defined $c->domain , 'domain attributeis not set');
is($c->path, '/', 'path atribute is set to default');
ok(!defined $c->secure , 'secure attribute is set');
ok( !defined $c->httponly, 'httponly attribute is not set' );
# I'm really not happy about the restults of this section. You pass
# the new method invalid arguments and it just merilly creates a
# broken object :-)
# I've commented them out because they currently pass but I don't
# think they should. I think this is testing broken behaviour :-(
# # This shouldn't work
# $c = CGI::Cookie->new(-name => 'baz' );
#
# is(ref($c), 'CGI::Cookie', 'new returns objects of correct type');
# is($c->name , 'baz', 'name is correct');
# ok(!defined $c->value, "Value is undefined ");
# ok(!defined $c->expires, 'expires is not set');
# ok(!defined $c->domain , 'domain attributeis not set');
# is($c->path , '/', 'path atribute is set to default');
# ok(!defined $c->secure , 'secure attribute is set');
}
#-----------------------------------------------------------------------------
# Test as_string
#-----------------------------------------------------------------------------
{
my $c = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1,
-httponly=> 1
);
my $name = $c->name;
like($c->as_string, "/$name/", "Stringified cookie contains name");
my $value = $c->value;
like($c->as_string, "/$value/", "Stringified cookie contains value");
my $expires = $c->expires;
like($c->as_string, "/$expires/", "Stringified cookie contains expires");
my $domain = $c->domain;
like($c->as_string, "/$domain/", "Stringified cookie contains domain");
my $path = $c->path;
like($c->as_string, "/$path/", "Stringified cookie contains path");
like($c->as_string, '/secure/', "Stringified cookie contains secure");
like( $c->as_string, '/HttpOnly/',
"Stringified cookie contains HttpOnly" );
$c = CGI::Cookie->new(-name => 'Hamster-Jam',
-value => 'Tulip',
);
$name = $c->name;
like($c->as_string, "/$name/", "Stringified cookie contains name");
$value = $c->value;
like($c->as_string, "/$value/", "Stringified cookie contains value");
ok($c->as_string !~ /expires/, "Stringified cookie has no expires field");
ok($c->as_string !~ /domain/, "Stringified cookie has no domain field");
$path = $c->path;
like($c->as_string, "/$path/", "Stringified cookie contains path");
ok($c->as_string !~ /secure/, "Stringified cookie does not contain secure");
ok( $c->as_string !~ /HttpOnly/,
"Stringified cookie does not contain HttpOnly" );
}
#-----------------------------------------------------------------------------
# Test compare
#-----------------------------------------------------------------------------
{
my $c1 = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1
);
# have to use $c1->expires because the time will occasionally be
# different between the two creates causing spurious failures.
my $c2 = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
-expires => $c1->expires,
-domain => '.pie-shop.com',
-path => '/',
-secure => 1
);
# This looks titally whacked, but it does the -1, 0, 1 comparison
# thing so 0 means they match
is($c1->compare("$c1"), 0, "Cookies are identical");
is( "$c1", "$c2", "Cookies are identical");
$c1 = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
-domain => '.foo.bar.com'
);
# have to use $c1->expires because the time will occasionally be
# different between the two creates causing spurious failures.
$c2 = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
);
# This looks titally whacked, but it does the -1, 0, 1 comparison
# thing so 0 (i.e. false) means they match
is($c1->compare("$c1"), 0, "Cookies are identical");
ok($c1->compare("$c2"), "Cookies are not identical");
$c2->domain('.foo.bar.com');
is($c1->compare("$c2"), 0, "Cookies are identical");
}
#-----------------------------------------------------------------------------
# Test name, value, domain, secure, expires and path
#-----------------------------------------------------------------------------
{
my $c = CGI::Cookie->new(-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1
);
is($c->name, 'Jam', 'name is correct');
is($c->name('Clash'), 'Clash', 'name is set correctly');
is($c->name, 'Clash', 'name now returns updated value');
# this is insane! it returns a simple scalar but can't accept one as
# an argument, you have to give it an arrary ref. It's totally
# inconsitent with these other methods :-(
is($c->value, 'Hamster', 'value is correct');
is($c->value(['Gerbil']), 'Gerbil', 'value is set correctly');
is($c->value, 'Gerbil', 'value now returns updated value');
my $exp = $c->expires;
like($c->expires, '/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i', 'expires is correct');
like($c->expires('+12h'), '/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i', 'expires is set correctly');
like($c->expires, '/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i', 'expires now returns updated value');
isnt($c->expires, $exp, "Expiry time has changed");
is($c->domain, '.pie-shop.com', 'domain is correct');
is($c->domain('.wibble.co.uk'), '.wibble.co.uk', 'domain is set correctly');
is($c->domain, '.wibble.co.uk', 'domain now returns updated value');
is($c->path, '/', 'path is correct');
is($c->path('/basket/'), '/basket/', 'path is set correctly');
is($c->path, '/basket/', 'path now returns updated value');
ok($c->secure, 'secure attribute is set');
ok(!$c->secure(0), 'secure attribute is cleared');
ok(!$c->secure, 'secure attribute is cleared');
}
#----------------------------------------------------------------------------
# Max-age
#----------------------------------------------------------------------------
MAX_AGE: {
my $cookie = CGI::Cookie->new( -name=>'a', value=>'b', '-expires' => 'now',);
is $cookie->expires, 'Thu, 01-Jan-1970 00:01:40 GMT';
is $cookie->max_age => undef, 'max-age is undefined when setting expires';
$cookie = CGI::Cookie->new( -name=>'a', 'value'=>'b' );
$cookie->max_age( '+4d' );
is $cookie->expires, undef, 'expires is undef when setting max_age';
is $cookie->max_age => 4*24*60*60, 'setting via max-age';
$cookie->max_age( '113' );
is $cookie->max_age => 13, 'max_age(num) as delta';
}
#----------------------------------------------------------------------------
# bake
#----------------------------------------------------------------------------
BAKE: {
my $cookie = CGI::Cookie->new( -name=>'a', value=>'b', '-expires' => 'now',);
# Older Perl may be confused while evaluating test results with cookie
# dump. To avoid this we will make sure that cookie is print on STDERR
# and not STDOUT.
my $oldfh = select(STDERR);
eval { $cookie->bake };
select($oldfh);
is($@,'', "calling bake() without mod_perl should survive");
}
#-----------------------------------------------------------------------------
# Apache2?::Cookie compatibility.
#-----------------------------------------------------------------------------
APACHEREQ: {
my $r = Apache::Faker->new;
isa_ok $r, 'Apache';
ok my $c = CGI::Cookie->new(
$r,
-name => 'Foo',
-value => 'Bar',
), 'Pass an Apache object to the CGI::Cookie constructor';
isa_ok $c, 'CGI::Cookie';
ok $c->bake($r), 'Bake the cookie';
ok eq_array( $r->{check}, [ 'Set-Cookie', $c->as_string ]),
'bake() should call headers_out->set()';
$r = Apache2::Faker->new;
isa_ok $r, 'Apache2::RequestReq';
ok $c = CGI::Cookie->new(
$r,
-name => 'Foo',
-value => 'Bar',
), 'Pass an Apache::RequestReq object to the CGI::Cookie constructor';
isa_ok $c, 'CGI::Cookie';
ok $c->bake($r), 'Bake the cookie';
ok eq_array( $r->{check}, [ 'Set-Cookie', $c->as_string ]),
'bake() should call headers_out->set()';
}
package Apache::Faker;
sub new { bless {}, shift }
sub isa {
my ($self, $pkg) = @_;
return $pkg eq 'Apache';
}
sub headers_out { shift }
sub add { shift->{check} = \@_; }
package Apache2::Faker;
sub new { bless {}, shift }
sub isa {
my ($self, $pkg) = @_;
return $pkg eq 'Apache2::RequestReq';
}
sub headers_out { shift }
sub add { shift->{check} = \@_; }