1
0
Fork 0
mirror of https://github.com/actix/actix-web.git synced 2025-01-02 13:28:44 +00:00

support parsing of SameSite=None (#1503)

This commit is contained in:
Takeru Sato 2020-05-13 01:48:35 +09:00 committed by GitHub
parent bbd4d19830
commit 63864ecf9e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 41 additions and 0 deletions

View file

@ -1,5 +1,11 @@
# Changes
## [Unreleased]
### Fixed
* Support parsing of `SameSite=None` [#1503]
## [2.0.0-alpha.3] - 2020-05-08
### Fixed

View file

@ -172,6 +172,8 @@ fn parse_inner<'c>(s: &str, decode: bool) -> Result<Cookie<'c>, ParseError> {
cookie.same_site = Some(SameSite::Strict);
} else if v.eq_ignore_ascii_case("lax") {
cookie.same_site = Some(SameSite::Lax);
} else if v.eq_ignore_ascii_case("none") {
cookie.same_site = Some(SameSite::None);
} else {
// We do nothing here, for now. When/if the `SameSite`
// attribute becomes standard, the spec says that we should
@ -261,6 +263,16 @@ mod tests {
assert_eq_parse!("foo=bar; SameSite=strict", expected);
assert_eq_parse!("foo=bar; SameSite=STrICT", expected);
assert_eq_parse!("foo=bar; SameSite=STRICT", expected);
let expected = Cookie::build("foo", "bar")
.same_site(SameSite::None)
.finish();
assert_eq_parse!("foo=bar; SameSite=None", expected);
assert_eq_parse!("foo=bar; SameSITE=None", expected);
assert_eq_parse!("foo=bar; SameSite=nOne", expected);
assert_eq_parse!("foo=bar; SameSite=NoNE", expected);
assert_eq_parse!("foo=bar; SameSite=NONE", expected);
}
#[test]
@ -396,6 +408,29 @@ mod tests {
Domain=foo.com; Expires=Wed, 21 Oct 2015 07:28:00 GMT",
unexpected
);
expected.set_expires(expires);
expected.set_same_site(SameSite::Lax);
assert_eq_parse!(
" foo=bar ;HttpOnly; Secure; Max-Age=4; Path=/foo; \
Domain=foo.com; Expires=Wed, 21 Oct 2015 07:28:00 GMT; \
SameSite=Lax",
expected
);
expected.set_same_site(SameSite::Strict);
assert_eq_parse!(
" foo=bar ;HttpOnly; Secure; Max-Age=4; Path=/foo; \
Domain=foo.com; Expires=Wed, 21 Oct 2015 07:28:00 GMT; \
SameSite=Strict",
expected
);
expected.set_same_site(SameSite::None);
assert_eq_parse!(
" foo=bar ;HttpOnly; Secure; Max-Age=4; Path=/foo; \
Domain=foo.com; Expires=Wed, 21 Oct 2015 07:28:00 GMT; \
SameSite=None",
expected
);
}
#[test]