# This was forked from the original cookie.t file distributed with CGI.pm 2.78
# Originally, only modification is to change CGI::Cookie to CGI::Simple::Cookie
# whenever it appeared. Since then the tests suites for CGI.pm and CGI::Simple
# have not been kept in sync.
# to have a consistent baseline, we nail the current time
# to 100 seconds after the epoch
BEGIN {
*CORE::GLOBAL::time = sub { 100 };
}
use Test::More tests => 98;
use strict;
use CGI::Simple::Util qw(escape unescape);
use POSIX qw(strftime);
#-----------------------------------------------------------------------------
# make sure module loaded
#-----------------------------------------------------------------------------
BEGIN {
use_ok( 'CGI::Simple::Cookie' );
}
my @test_cookie = (
'foo=123, bar=qwerty; baz=wib=ble ; qux=1&2&',
'foo=123; bar=qwerty; baz=wibble;',
'foo=vixen; bar=cow; baz=bitch; qux=politician',
'foo=a%20phrase; bar=yes%2C%20a%20phrase; baz=%5Ewibble; qux=%27',
);
#-----------------------------------------------------------------------------
# Test parse
#-----------------------------------------------------------------------------
{
my $result = CGI::Simple::Cookie->parse( $test_cookie[0] );
is( ref( $result ), 'HASH', "Hash ref returned in scalar context" );
my @result = CGI::Simple::Cookie->parse( $test_cookie[0] );
is( @result, 8, "returns correct number of fields" );
@result = CGI::Simple::Cookie->parse( $test_cookie[1] );
is( @result, 6, "returns correct number of fields" );
my %result = CGI::Simple::Cookie->parse( $test_cookie[0] );
is( $result{foo}->value, '123', "cookie foo is correct" );
is( $result{bar}->value, 'qwerty', "cookie bar is correct" );
is( $result{baz}->value, 'wib=ble', "cookie baz is correct" );
my @values = $result{qux}->value;
is_deeply(
\@values,
[ 1, 2, '' ],
"multiple values are supported including empty values."
);
}
#-----------------------------------------------------------------------------
# Test fetch
#-----------------------------------------------------------------------------
{
# make sure there are no cookies in the environment
delete $ENV{HTTP_COOKIE};
delete $ENV{COOKIE};
my %result = CGI::Simple::Cookie->fetch();
ok( keys %result == 0,
"No cookies in environment, returns empty list" );
# now set a cookie in the environment and try again
$ENV{HTTP_COOKIE} = $test_cookie[2];
%result = CGI::Simple::Cookie->fetch();
ok( eq_set( [ keys %result ], [qw(foo bar baz qux)] ),
"expected cookies extracted" );
is( ref( $result{foo} ),
'CGI::Simple::Cookie', 'Type of objects returned is correct' );
is( $result{foo}->value, 'vixen', "cookie foo is correct" );
is( $result{bar}->value, 'cow', "cookie bar is correct" );
is( $result{baz}->value, 'bitch', "cookie baz is correct" );
is( $result{qux}->value, 'politician', "cookie qux is correct" );
# Delete that and make sure it goes away
delete $ENV{HTTP_COOKIE};
%result = CGI::Simple::Cookie->fetch();
ok( keys %result == 0,
"No cookies in environment, returns empty list" );
# try another cookie in the other environment variable thats supposed to work
$ENV{COOKIE} = $test_cookie[3];
%result = CGI::Simple::Cookie->fetch();
ok( eq_set( [ keys %result ], [qw(foo bar baz qux)] ),
"expected cookies extracted" );
is( ref( $result{foo} ),
'CGI::Simple::Cookie', 'Type of objects returned is correct' );
is( $result{foo}->value, 'a phrase', "cookie foo is correct" );
is( $result{bar}->value, 'yes, a phrase', "cookie bar is correct" );
is( $result{baz}->value, '^wibble', "cookie baz is correct" );
is( $result{qux}->value, "'", "cookie qux is correct" );
}
#-----------------------------------------------------------------------------
# Test raw_fetch
#-----------------------------------------------------------------------------
{
# make sure there are no cookies in the environment
delete $ENV{HTTP_COOKIE};
delete $ENV{COOKIE};
my %result = CGI::Simple::Cookie->raw_fetch();
ok( keys %result == 0,
"No cookies in environment, returns empty list" );
# now set a cookie in the environment and try again
$ENV{HTTP_COOKIE} = $test_cookie[2];
%result = CGI::Simple::Cookie->raw_fetch();
ok( eq_set( [ keys %result ], [qw(foo bar baz qux)] ),
"expected cookies extracted" );
is( ref( $result{foo} ), '', 'Plain scalar returned' );
is( $result{foo}, 'vixen', "cookie foo is correct" );
is( $result{bar}, 'cow', "cookie bar is correct" );
is( $result{baz}, 'bitch', "cookie baz is correct" );
is( $result{qux}, 'politician', "cookie qux is correct" );
# Delete that and make sure it goes away
delete $ENV{HTTP_COOKIE};
%result = CGI::Simple::Cookie->raw_fetch();
ok( keys %result == 0,
"No cookies in environment, returns empty list" );
# try another cookie in the other environment variable thats supposed to work
$ENV{COOKIE} = $test_cookie[3];
%result = CGI::Simple::Cookie->raw_fetch();
ok( eq_set( [ keys %result ], [qw(foo bar baz qux)] ),
"expected cookies extracted" );
is( ref( $result{foo} ), '', 'Plain scalar returned' );
is( $result{foo}, 'a%20phrase', "cookie foo is correct" );
is( $result{bar}, 'yes%2C%20a%20phrase', "cookie bar is correct" );
is( $result{baz}, '%5Ewibble', "cookie baz is correct" );
is( $result{qux}, '%27', "cookie qux is correct" );
}
#-----------------------------------------------------------------------------
# Test new
#-----------------------------------------------------------------------------
{
# Try new with full information provided
my $c = CGI::Simple::Cookie->new(
-name => 'foo',
-value => 'bar',
-expires => '+3M',
-domain => '.capricorn.com',
-path => '/cgi-bin/database',
-secure => 1,
-httponly => 1
);
is( ref( $c ), 'CGI::Simple::Cookie',
'new returns objects of correct type' );
is( $c->name, 'foo', 'name is correct' );
is( $c->value, 'bar', 'value is correct' );
like(
$c->expires,
'/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i',
'expires in correct format'
);
is( $c->domain, '.capricorn.com', 'domain is correct' );
is( $c->path, '/cgi-bin/database', 'path is correct' );
ok( $c->secure, 'secure attribute is set' );
ok( $c->httponly, 'httponly attribute is set' );
# now try it with the only two manditory values (should also set the default path)
$c = CGI::Simple::Cookie->new(
-name => 'baz',
-value => 'qux',
);
is( ref( $c ), 'CGI::Simple::Cookie',
'new returns objects of correct type' );
is( $c->name, 'baz', 'name is correct' );
is( $c->value, 'qux', 'value is correct' );
ok( !defined $c->expires, 'expires is not set' );
ok( !defined $c->domain, 'domain attributeis not set' );
is( $c->path, '/', 'path atribute is set to default' );
ok( !defined $c->secure, 'secure attribute is not set' );
ok( !defined $c->httponly, 'httponly attribute is not set' );
# I'm really not happy about the restults of this section. You pass
# the new method invalid arguments and it just merilly creates a
# broken object :-)
# I've commented them out because they currently pass but I don't
# think they should. I think this is testing broken behaviour :-(
# # This shouldn't work
# $c = CGI::Simple::Cookie->new(-name => 'baz' );
#
# is(ref($c), 'CGI::Simple::Cookie', 'new returns objects of correct type');
# is($c->name , 'baz', 'name is correct');
# ok(!defined $c->value, "Value is undefined ");
# ok(!defined $c->expires, 'expires is not set');
# ok(!defined $c->domain , 'domain attributeis not set');
# is($c->path , '/', 'path atribute is set to default');
# ok(!defined $c->secure , 'secure attribute is set');
}
#-----------------------------------------------------------------------------
# Test as_string
#-----------------------------------------------------------------------------
{
my $c = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1,
-httponly => 1
);
my $name = $c->name;
like( $c->as_string, "/$name/", "Stringified cookie contains name" );
my $value = $c->value;
like( $c->as_string, "/$value/",
"Stringified cookie contains value" );
my $expires = $c->expires;
like( $c->as_string, "/$expires/",
"Stringified cookie contains expires" );
my $domain = $c->domain;
like( $c->as_string, "/$domain/",
"Stringified cookie contains domain" );
my $path = $c->path;
like( $c->as_string, "/$path/", "Stringified cookie contains path" );
like( $c->as_string, '/secure/',
"Stringified cookie contains secure" );
like( $c->as_string, '/HttpOnly/',
"Stringified cookie contains HttpOnly" );
$c = CGI::Simple::Cookie->new(
-name => 'Hamster-Jam',
-value => 'Tulip',
);
$name = $c->name;
like( $c->as_string, "/$name/", "Stringified cookie contains name" );
$value = $c->value;
like( $c->as_string, "/$value/",
"Stringified cookie contains value" );
ok( $c->as_string !~ /expires/,
"Stringified cookie has no expires field" );
ok( $c->as_string !~ /domain/,
"Stringified cookie has no domain field" );
$path = $c->path;
like( $c->as_string, "/$path/", "Stringified cookie contains path" );
ok( $c->as_string !~ /secure/,
"Stringified cookie does not contain secure" );
ok( $c->as_string !~ /HttpOnly/,
"Stringified cookie does not contain HttpOnly" );
}
#-----------------------------------------------------------------------------
# Test compare
#-----------------------------------------------------------------------------
{
my $c1 = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1,
-httponly => 1
);
# have to use $c1->expires because the time will occasionally be
# different between the two creates causing spurious failures.
my $c2 = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
-expires => $c1->expires,
-domain => '.pie-shop.com',
-path => '/',
-secure => 1,
-httponly => 1
);
# This looks titally whacked, but it does the -1, 0, 1 comparison
# thing so 0 means they match
is( $c1->compare( "$c1" ), 0, "Cookies are identical" );
is( $c1->compare( "$c2" ), 0, "Cookies are identical" );
$c1 = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
-domain => '.foo.bar.com'
);
# have to use $c1->expires because the time will occasionally be
# different between the two creates causing spurious failures.
$c2 = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
);
# This looks titally whacked, but it does the -1, 0, 1 comparison
# thing so 0 (i.e. false) means they match
is( $c1->compare( "$c1" ), 0, "Cookies are identical" );
ok( $c1->compare( "$c2" ), "Cookies are not identical" );
$c2->domain( '.foo.bar.com' );
is( $c1->compare( "$c2" ), 0, "Cookies are identical" );
}
#-----------------------------------------------------------------------------
# Test name, value, domain, secure, expires and path
#-----------------------------------------------------------------------------
{
my $c = CGI::Simple::Cookie->new(
-name => 'Jam',
-value => 'Hamster',
-expires => '+3M',
-domain => '.pie-shop.com',
-path => '/',
-secure => 1,
-httponly => 1
);
is( $c->name, 'Jam', 'name is correct' );
is( $c->name( 'Clash' ), 'Clash', 'name is set correctly' );
is( $c->name, 'Clash', 'name now returns updated value' );
# this is insane! it returns a simple scalar but can't accept one as
# an argument, you have to give it an arrary ref. It's totally
# inconsitent with these other methods :-(
is( $c->value, 'Hamster', 'value is correct' );
is( $c->value( ['Gerbil'] ), 'Gerbil', 'value is set correctly' );
is( $c->value, 'Gerbil', 'value now returns updated value' );
my $exp = $c->expires;
like(
$c->expires,
'/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i',
'expires is correct'
);
like(
$c->expires( '+12h' ),
'/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i',
'expires is set correctly'
);
like(
$c->expires,
'/^[a-z]{3},\s*\d{2}-[a-z]{3}-\d{4}/i',
'expires now returns updated value'
);
isnt( $c->expires, $exp, "Expiry time has changed" );
is( $c->domain, '.pie-shop.com', 'domain is correct' );
is( $c->domain( '.wibble.co.uk' ),
'.wibble.co.uk', 'domain is set correctly' );
is( $c->domain, '.wibble.co.uk', 'domain now returns updated value' );
is( $c->path, '/', 'path is correct' );
is( $c->path( '/basket/' ), '/basket/', 'path is set correctly' );
is( $c->path, '/basket/', 'path now returns updated value' );
ok( $c->secure, 'secure attribute is set' );
ok( !$c->secure( 0 ), 'secure attribute is cleared' );
ok( !$c->secure, 'secure attribute is cleared' );
ok( $c->httponly, 'httponly attribute is set' );
ok( !$c->httponly( 0 ), 'httponly attribute is cleared' );
ok( !$c->httponly, 'httponly attribute is cleared' );
}
#----------------------------------------------------------------------------
# Max-age
#----------------------------------------------------------------------------
MAX_AGE: {
{
my $cookie = CGI::Simple::Cookie->new(
-name => 'a',
value => 'b',
'-expires' => 'now',
);
is $cookie->expires, 'Thu, 01-Jan-1970 00:01:40 GMT';
is $cookie->max_age => undef,
'max-age is undefined when setting expires';
}
{
my $cookie
= CGI::Simple::Cookie->new( -name => 'a', 'value' => 'b' );
$cookie->max_age( '+4d' );
is $cookie->expires, undef, 'expires is undef when setting max_age';
is $cookie->max_age => 4 * 24 * 60 * 60, 'setting via max-age';
$cookie->max_age( '113' );
is $cookie->max_age => 13, 'max_age(num) as delta';
}
}