Inject a leading . for better matching under JavaNetCookieJar

Closes: square#2549
t-gao · Jul 13, 2016 · fd509b9 · fd509b9
1 parent 8510d64
commit fd509b9
Show file tree

Hide file tree

Showing 3 changed files with 68 additions and 2 deletions.
diff --git a/okhttp-tests/src/test/java/okhttp3/CookiesTest.java b/okhttp-tests/src/test/java/okhttp3/CookiesTest.java
@@ -23,6 +23,7 @@
 import java.net.HttpURLConnection;
 import java.net.InetAddress;
 import java.net.URI;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -271,6 +272,58 @@ public void testNetscapeResponse() throws Exception {
     assertNull(request.getHeader("Quux"));
   }
 
+  @Test public void acceptOriginalServerMatchesSubdomain() throws Exception {
+    CookieManager cookieManager = new CookieManager(null, ACCEPT_ORIGINAL_SERVER);
+    JavaNetCookieJar cookieJar = new JavaNetCookieJar(cookieManager);
+
+    HttpUrl url = HttpUrl.parse("https://www.squareup.com/");
+    cookieJar.saveFromResponse(url, Arrays.asList(
+        Cookie.parse(url, "a=android; Domain=squareup.com")));
+    List<Cookie> actualCookies = cookieJar.loadForRequest(url);
+    assertEquals(1, actualCookies.size());
+    assertEquals("a", actualCookies.get(0).name());
+    assertEquals("android", actualCookies.get(0).value());
+  }
+
+  @Test public void acceptOriginalServerMatchesRfc2965Dot() throws Exception {
+    CookieManager cookieManager = new CookieManager(null, ACCEPT_ORIGINAL_SERVER);
+    JavaNetCookieJar cookieJar = new JavaNetCookieJar(cookieManager);
+
+    HttpUrl url = HttpUrl.parse("https://www.squareup.com/");
+    cookieJar.saveFromResponse(url, Arrays.asList(
+        Cookie.parse(url, "a=android; Domain=.squareup.com")));
+    List<Cookie> actualCookies = cookieJar.loadForRequest(url);
+    assertEquals(1, actualCookies.size());
+    assertEquals("a", actualCookies.get(0).name());
+    assertEquals("android", actualCookies.get(0).value());
+  }
+
+  @Test public void acceptOriginalServerMatchesExactly() throws Exception {
+    CookieManager cookieManager = new CookieManager(null, ACCEPT_ORIGINAL_SERVER);
+    JavaNetCookieJar cookieJar = new JavaNetCookieJar(cookieManager);
+
+    HttpUrl url = HttpUrl.parse("https://squareup.com/");
+    cookieJar.saveFromResponse(url, Arrays.asList(
+        Cookie.parse(url, "a=android; Domain=squareup.com")));
+    List<Cookie> actualCookies = cookieJar.loadForRequest(url);
+    assertEquals(1, actualCookies.size());
+    assertEquals("a", actualCookies.get(0).name());
+    assertEquals("android", actualCookies.get(0).value());
+  }
+
+  @Test public void acceptOriginalServerDoesNotMatchDifferentServer() throws Exception {
+    CookieManager cookieManager = new CookieManager(null, ACCEPT_ORIGINAL_SERVER);
+    JavaNetCookieJar cookieJar = new JavaNetCookieJar(cookieManager);
+
+    HttpUrl url1 = HttpUrl.parse("https://api.squareup.com/");
+    cookieJar.saveFromResponse(url1, Arrays.asList(
+        Cookie.parse(url1, "a=android; Domain=api.squareup.com")));
+
+    HttpUrl url2 = HttpUrl.parse("https://www.squareup.com/");
+    List<Cookie> actualCookies = cookieJar.loadForRequest(url2);
+    assertEquals(Collections.<Cookie>emptyList(), actualCookies);
+  }
+
   private HttpUrl urlWithIpAddress(MockWebServer server, String path) throws Exception {
     return server.url(path)
         .newBuilder()

diff --git a/okhttp-urlconnection/src/main/java/okhttp3/JavaNetCookieJar.java b/okhttp-urlconnection/src/main/java/okhttp3/JavaNetCookieJar.java
@@ -40,7 +40,7 @@ public JavaNetCookieJar(CookieHandler cookieHandler) {
     if (cookieHandler != null) {
       List<String> cookieStrings = new ArrayList<>();
       for (Cookie cookie : cookies) {
-        cookieStrings.add(cookie.toString());
+        cookieStrings.add(cookie.toString(true));
       }
       Map<String, List<String>> multimap = Collections.singletonMap("Set-Cookie", cookieStrings);
       try {

diff --git a/okhttp/src/main/java/okhttp3/Cookie.java b/okhttp/src/main/java/okhttp3/Cookie.java
@@ -530,6 +530,15 @@ public Cookie build() {
   }
 
   @Override public String toString() {
+    return toString(false);
+  }
+
+  /**
+   * @param forObsoleteRfc2965 true to include a leading {@code .} on the domain pattern. This is
+   *     necessary for {@code example.com} to match {@code www.example.com} under RFC 2965. This
+   *     extra dot is ignored by more recent specifications.
+   */
+  String toString(boolean forObsoleteRfc2965) {
     StringBuilder result = new StringBuilder();
     result.append(name);
     result.append('=');
@@ -544,7 +553,11 @@ public Cookie build() {
     }
 
     if (!hostOnly) {
-      result.append("; domain=").append(domain);
+      result.append("; domain=");
+      if (forObsoleteRfc2965) {
+        result.append(".");
+      }
+      result.append(domain);
     }
 
     result.append("; path=").append(path);