cookie parser: handle 'secure='

There are two keywords in cookie headers that don't follow the regular
name=value style: secure and httponly. Still we must support that they
are written like 'secure=' and then treat them as if they were written
'secure'. Test case 31 was much extended by Rob Ward to test this.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
Reported by: "gnombat"

1 files changed, 44 insertions, 0 deletions

diff --git a/tests/data/test31 b/tests/data/test31
index d06bc1180..5afe81df6 100644
--- a/tests/data/test31
+++ b/tests/data/test31
@@ -18,6 +18,28 @@ Content-Type: text/html
 Funny-head: yesyes

 Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure

 Set-Cookie:ismatch=this  ; domain=127.0.0.1; path=/silly/

+Set-Cookie: sec1value=secure1  ; domain=127.0.0.1; path=/secure1/ ; secure

+Set-Cookie: sec2value=secure2  ; domain=127.0.0.1; path=/secure2/ ; secure=

+Set-Cookie: sec3value=secure3  ; domain=127.0.0.1; path=/secure3/ ; secure=

+Set-Cookie: sec4value=secure4  ; secure=; domain=127.0.0.1; path=/secure4/ ; 
+Set-Cookie: sec5value=secure5  ; secure; domain=127.0.0.1; path=/secure5/ ; 
+Set-Cookie: sec6value=secure6  ; secure ; domain=127.0.0.1; path=/secure6/ ; 
+Set-Cookie: sec7value=secure7  ; secure   ; domain=127.0.0.1; path=/secure7/ ; 
+Set-Cookie: sec8value=secure8  ; secure= ; domain=127.0.0.1; path=/secure8/ ; 
+Set-Cookie: secure=very1  ; secure=; domain=127.0.0.1; path=/secure9/; 
+Set-Cookie: httpo1=value1  ; domain=127.0.0.1; path=/p1/; httponly
+Set-Cookie: httpo2=value2  ; domain=127.0.0.1; path=/p2/; httponly=
+Set-Cookie: httpo3=value3  ; httponly; domain=127.0.0.1; path=/p3/;
+Set-Cookie: httpo4=value4  ; httponly=; domain=127.0.0.1; path=/p4/; 
+Set-Cookie: httponly=myvalue1  ; domain=127.0.0.1; path=/p4/; httponly
+Set-Cookie: httpandsec=myvalue2  ; domain=127.0.0.1; path=/p4/; httponly; secure
+Set-Cookie: httpandsec2=myvalue3; domain=127.0.0.1; path=/p4/; httponly=; secure
+Set-Cookie: httpandsec3=myvalue4  ; domain=127.0.0.1; path=/p4/; httponly; secure=
+Set-Cookie: httpandsec4=myvalue5  ; domain=127.0.0.1; path=/p4/; httponly=; secure=
+Set-Cookie: httpandsec5=myvalue6  ; domain=127.0.0.1; path=/p4/; secure; httponly=
+Set-Cookie: httpandsec6=myvalue7  ; domain=127.0.0.1; path=/p4/; secure=; httponly=
+Set-Cookie: httpandsec7=myvalue8  ; domain=127.0.0.1; path=/p4/; secure; httponly
+Set-Cookie: httpandsec8=myvalue9; domain=127.0.0.1; path=/p4/; secure=; httponly

 Set-Cookie: partmatch=present; domain=127.0.0.1 ; path=/;

 Set-Cookie:eat=this; domain=moo.foo.moo;

 Set-Cookie: eat=this-too; domain=.foo.moo;

@@ -69,6 +91,28 @@ Accept: */*
 # This file was generated by libcurl! Edit at your own risk.
 
 .127.0.0.1	TRUE	/silly/	FALSE	0	ismatch	this
+.127.0.0.1	TRUE	/secure1/	TRUE	0	sec1value	secure1
+.127.0.0.1	TRUE	/secure2/	TRUE	0	sec2value	secure2
+.127.0.0.1	TRUE	/secure3/	TRUE	0	sec3value	secure3
+.127.0.0.1	TRUE	/secure4/	TRUE	0	sec4value	secure4
+.127.0.0.1	TRUE	/secure5/	TRUE	0	sec5value	secure5
+.127.0.0.1	TRUE	/secure6/	TRUE	0	sec6value	secure6
+.127.0.0.1	TRUE	/secure7/	TRUE	0	sec7value	secure7
+.127.0.0.1	TRUE	/secure8/	TRUE	0	sec8value	secure8
+.127.0.0.1	TRUE	/secure9/	TRUE	0	secure	very1
+#HttpOnly_.127.0.0.1	TRUE	/p1/	FALSE	0	httpo1	value1
+#HttpOnly_.127.0.0.1	TRUE	/p2/	FALSE	0	httpo2	value2
+#HttpOnly_.127.0.0.1	TRUE	/p3/	FALSE	0	httpo3	value3
+#HttpOnly_.127.0.0.1	TRUE	/p4/	FALSE	0	httpo4	value4
+#HttpOnly_.127.0.0.1	TRUE	/p4/	FALSE	0	httponly	myvalue1
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec	myvalue2
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec2	myvalue3
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec3	myvalue4
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec4	myvalue5
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec5	myvalue6
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec6	myvalue7
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec7	myvalue8
+#HttpOnly_.127.0.0.1	TRUE	/p4/	TRUE	0	httpandsec8	myvalue9
 .127.0.0.1	TRUE	/	FALSE	0	partmatch	present
 127.0.0.1	FALSE	/we/want/	FALSE	2054030187	nodomain	value
 #HttpOnly_127.0.0.1	FALSE	/silly/	FALSE	0	magic	yessir