From ecfcaa12fb2f1aa1226e9329e96cb4ecedbc1bc3 Mon Sep 17 00:00:00 2001
From: Jonathan Perret <jonathan@ut7.fr>
Date: Fri, 1 Dec 2017 17:25:17 +0100
Subject: Allow cookies without a value

Some cookies are seen in the wild consisting of just a name, without
even a "=" char. This allows parsing them as if they were written
"foo=", that is with an empty value.

Commit amended to add a few more test cases.
---
 src/cow_cookie.erl | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'src/cow_cookie.erl')

diff --git a/src/cow_cookie.erl b/src/cow_cookie.erl
index 7ee067a..60bf299 100644
--- a/src/cow_cookie.erl
+++ b/src/cow_cookie.erl
@@ -53,16 +53,16 @@ skip_cookie(<< $;, Rest/binary >>, Acc) ->
 skip_cookie(<< _, Rest/binary >>, Acc) ->
 	skip_cookie(Rest, Acc).
 
-parse_cookie_name(<<>>, _, _) ->
-	error(badarg);
+parse_cookie_name(<<>>, Acc, Name) ->
+	lists:reverse([{Name, <<>>}|Acc]);
 parse_cookie_name(<< $=, _/binary >>, _, <<>>) ->
 	error(badarg);
 parse_cookie_name(<< $=, Rest/binary >>, Acc, Name) ->
 	parse_cookie_value(Rest, Acc, Name, <<>>);
 parse_cookie_name(<< $,, _/binary >>, _, _) ->
 	error(badarg);
-parse_cookie_name(<< $;, _/binary >>, _, _) ->
-	error(badarg);
+parse_cookie_name(<< $;, Rest/binary >>, Acc, Name) ->
+	parse_cookie(Rest, [{Name, <<>>}|Acc]);
 parse_cookie_name(<< $\s, _/binary >>, _, _) ->
 	error(badarg);
 parse_cookie_name(<< $\t, _/binary >>, _, _) ->
@@ -151,8 +151,14 @@ parse_cookie_test_() ->
 		{<<"foo=;bar=">>, [{<<"foo">>, <<>>}, {<<"bar">>, <<>>}]},
 		{<<"foo=\\\";;bar=good ">>,
 			[{<<"foo">>, <<"\\\"">>}, {<<"bar">>, <<"good">>}]},
+		{<<"foo=\"\\\";bar=good">>,
+			[{<<"foo">>, <<"\"\\\"">>}, {<<"bar">>, <<"good">>}]},
 		{<<>>, []}, %% Flash player.
-		{<<"foo=bar , baz=wibble ">>, [{<<"foo">>, <<"bar , baz=wibble">>}]}
+		{<<"foo=bar , baz=wibble ">>, [{<<"foo">>, <<"bar , baz=wibble">>}]},
+		%% Technically invalid, but seen in the wild
+		{<<"foo">>, [{<<"foo">>, <<>>}]},
+		{<<"foo;">>, [{<<"foo">>, <<>>}]},
+		{<<"bar;foo=1">>, [{<<"bar">>, <<"">>}, {<<"foo">>, <<"1">>}]}
 	],
 	[{V, fun() -> R = parse_cookie(V) end} || {V, R} <- Tests].
 
@@ -160,9 +166,7 @@ parse_cookie_error_test_() ->
 	%% Value.
 	Tests = [
 		<<"=">>,
-		<<"  foo ; bar  ">>,
-		<<"foo=\\\";;bar ">>,
-		<<"foo=\"\\\";bar">>
+		<<"foo ">>
 	],
 	[{V, fun() -> {'EXIT', {badarg, _}} = (catch parse_cookie(V)) end} || V <- Tests].
 -endif.
-- 
cgit v1.2.3